Search • TrustOps • Plans • Shortlists • Rankings • Compare • ChatGPT compatible • Claude compatible • Healthcare • Digests • RSS • RSS XML • Backfill • MCP API
ai.borealhost/mcp
BorealHost
Agent-native web hosting — deploy sites, manage DNS, register domains, scale infrastructure
EXECUTIVE VERDICT
Executive verdict
Production trust decision: Block for production
Reason: failing live status + score below evaluation threshold
Next action: revalidate, add safeguards, export policy
Status
Failing
Score
56.0
Transport
streamable-http
Tools
0
Current trust snapshot
Snapshot ID
trustsnap_48028b180b5cd9c4Use this ID to compare server page, report, policy, MCP, homepage, ranking, and shortlist surfaces.
Snapshot generated
May 13, 2026 06:03:25 PM UTC
All page, report, policy, and MCP surfaces use this same server-detail snapshot shape.
Last validated
May 13, 2026 10:43:38 AM UTC
Age: 7.33h • freshness band: Verified in last 24h • display score: 55.97
Production trust decision
Block for production
failing live status + score below evaluation threshold
Readiness class
Needs remediation
Current validation evidence shows operational or discovery gaps that should be fixed first.
SERVER OWNER FUNNEL
Own this MCP?
Claim ownership, prove control with a GitHub, DNS, or HTTP token challenge, revalidate now, publish a badge, and configure monitoring.
2. Revalidate
POST /v1/servers/ai.borealhost/mcp/revalidateVerified owners get priority queueing after proof succeeds.
3. Badge
Verified by MCP Verify - score 56.0 - last checked May 13, 2026
4. Monitor
Continuous Verify plan is self-serve: choose a tier, configure watches, add authenticated validation, trigger revalidation, and use the badge.
Badge embed
[](https://verify.sentinelsignal.io/servers/ai.borealhost/mcp)
MCP TrustOps
TrustOps turns this report into operational controls: freshness SLAs, authenticated validation, semantic benchmarks, policy exports, alert subscriptions, badges, cost/compliance metadata, and runtime routing. Fresh trusted index decisions stay separate from long-tail inventory so stale scores do not masquerade as current evidence.
Freshness band
Verified in last 24h
Policy SLA: 168.0h • confidence-weighted score: 39.9 • stale score suppressed:
Policy exports
Formats: json, rego, yaml, github_action, gateway_config, client_report
Runtime routing
/v1/routeReturns allowed tools, blocked tools, approval requirement, and reason.
Authenticated validation
Premium publisher feature: paid authenticated runs verify scopes, write-action safeguards, and authorized tool execution.
Active trust badges
Freshly Validated Write-Safe No Critical Risk
Semantic benchmarks
available
Templates cover GitHub, database, healthcare, web search, and CRM least-privilege jobs.
Supply chain
metadata signal
Deep scan checks are marked separately from public metadata signals.
Compliance metadata
Terms, privacy, SOC 2, HIPAA, GDPR, retention, deletion, and audit-log fields are tracked as enterprise metadata.
Alert subscription types
Status changes Score drops or recovers Freshness SLA breach Validation schema drift OAuth or auth behavior changes Tool surface changes New or changed write tool Supply-chain signal changes Legal or compliance metadata changes
Production readiness class
Production readiness class
Needs remediation
Current validation evidence shows operational or discovery gaps that should be fixed first.
Critical alerts
1
Production verdicts degrade quickly when critical alerts are active.
Evidence confidence
Confidence score
71.2
Based on 5 recent validations, 26 captured checks, and validation age of 7.3 hours.
Live checks captured
26
More direct checks increase trust in the current verdict.
Validation age
7.3h
Lower age means fresher evidence.
Recommended for
Generic Streamable HTTP
Generic Streamable HTTP is marked compatible with score 83.
Client compatibility verdicts
Client compatibility only means the server shape can work with a client. Production trust decision and write-action publishing are evaluated separately so a client-compatible server can still be blocked for production.
Client compatibility: ChatGPT
Partially client-compatible
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.; tools/list must succeed.
Confidence: medium (71.25)
Evidence provenance
Winner: live_validation
Supporting sources: live_validation, history, server_card
Disagreements: none
initialize• OKtools_list• Errortransport_compliance_probe• Warningstep_up_auth_probe• Missingconnector_replay_probe• Missing — Frozen tool snapshots must survive refresh.request_association_probe• Missing — Roots, sampling, and elicitation should stay request-scoped.
Client compatibility: Claude
Partially client-compatible
tools/list must succeed.; A useful Claude integration needs at least one exposed tool.
Confidence: medium (71.25)
Evidence provenance
Winner: live_validation
Supporting sources: live_validation, history, server_card
Disagreements: none
initialize• OKtools_list• Errortransport_compliance_probe• Warning
Write-action publishing
Publishing allowed
Current write surface is bounded enough for cautious review with production policy controls.
Confidence: medium (71.25)
Evidence provenance
Winner: live_validation
Supporting sources: live_validation, history
Disagreements: none
action_safety_probe• OK
Snapshot churn risk
Low
No material tool-surface churn detected in the latest comparison.
Confidence: medium (71.25)
Evidence provenance
Winner: history
Supporting sources: history, live_validation
Disagreements: none
tool_snapshot_probe• Missingconnector_replay_probe• Missing
Why compatibility is limited by client
ChatGPT custom connector
Partial
Remediation checklist
- No explicit blockers recorded.
Claude remote MCP
Partial
Remediation checklist
- No explicit blockers recorded.
Write-safe publishing
Ready
Remediation checklist
- No explicit blockers recorded.
Verdict traces
Production verdict
Needs remediation
Current validation evidence shows operational or discovery gaps that should be fixed first.
Confidence: medium (71.25)
Winning source: live_validation
Triggering alerts
server_failing• critical • Latest validation is failing
Client verdict trace table
| Verdict | Status | Checks | Winning source | Conflicts |
|---|---|---|---|---|
openai_connectors |
Partially client-compatible | initialize, tools_list, transport_compliance_probe, step_up_auth_probe, connector_replay_probe, request_association_probe | live_validation | none |
claude_desktop |
Partially client-compatible | initialize, tools_list, transport_compliance_probe | live_validation | none |
unsafe_for_write_actions |
Publishing allowed | action_safety_probe | live_validation | none |
snapshot_churn_risk |
Low | tool_snapshot_probe, connector_replay_probe | history | none |
Publishability policy profiles
ChatGPT custom connector compatibility
Compatible with review
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.; tools/list must succeed. Compatibility is not a production approval; company knowledge and Messages API gates remain separate.
- Search Fetch Only: No
- Write Actions Present: No
- Oauth Configured: No
- Admin Refresh Required: No
- Safe For Company Knowledge: No
- Safe For Messages Api Remote Mcp: No
Claude remote MCP compatibility
Compatible with review
tools/list must succeed.; A useful Claude integration needs at least one exposed tool. Compatibility is not a production approval; company knowledge and Messages API gates remain separate.
- Search Fetch Only: No
- Write Actions Present: No
- Oauth Configured: No
- Admin Refresh Required: No
- Safe For Company Knowledge: No
- Safe For Messages Api Remote Mcp: No
Compatibility fixtures
ChatGPT custom connector fixture
Degraded
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.; tools/list must succeed.
- remote_http_endpoint: Passes
- oauth_discovery: Degraded
- frozen_tool_snapshot_refresh: Passes
- request_association: Passes
Anthropic remote MCP fixture
Degraded
tools/list must succeed.; A useful Claude integration needs at least one exposed tool.
- remote_transport: Passes
- tool_discovery: Likely to fail
- auth_connect: Passes
- safe_write_review: Passes
Authenticated validation sessions
Public validation is free. Authenticated validation is paid and proves scoped behavior, write-action safeguards, and authenticated tool execution.
Latest profile
remote_mcp
Authenticated session used
Public score isolation
Preview endpoint
/v1/verifyCI preview endpoint
/v1/ci/previewPublic server reputation
Validation success 7d
0.0
Validation success 30d
0.0
Mean time to recover
n/a
Breaking diffs 30d
0
Registry drift frequency 30d
0
Snapshot changes 30d
0
Incident & change feed
| Timestamp | Event | Details |
|---|---|---|
| May 13, 2026 10:43:38 AM UTC | Latest validation: failing | Score 56.0 with status failing. |
| May 13, 2026 10:43:38 AM UTC | Score changed | Score delta +0.3 versus the previous run. |
| May 13, 2026 02:41:46 AM UTC | Score changed | Score delta +0.1 versus the previous run. |
| May 12, 2026 06:40:29 PM UTC | Score changed | Score delta +0.1 versus the previous run. |
Capabilities
- OAuth:
- DCR/CIMD:
- Prompts:
- Homepage: https://borealhost.ai
- Docs: none
- Support: none
- Icon: none
- Remote endpoint: https://borealhost.ai/mcp/
- Server card: none
Use-case taxonomy
web cloud automation
Security posture
Tools analyzed
0
High-risk tools
0
Destructive tools
0
Exec tools
0
Egress tools
0
Secret tools
0
Bulk-access tools
0
Risk distribution
none
Tool capability & risk inventory
No tool inventory available from the latest validation run.
Write-action governance
Governance status
OK
Safe to publish
Auth boundary
public_or_unclear
Blast radius
Low
High-risk tools
0
Confirmation signals
none
Safeguard count
0
Status detail: No unsafe write-action governance gaps detected on the latest validation.
| Tool | Risk | Flags | Safeguards |
|---|---|---|---|
| No high-risk tools were detected on the latest run. | |||
Action-controls diff
Need at least two validation runs before diffing action controls.
Why this score?
Access & Protocol
31.5/44
Connectivity, auth, and transport expectations for common clients.
Interface Quality
13.88/56
How well the tool/resource interface communicates and behaves under automation.
Security Posture
24/36
How safely the exposed tool surface handles destructive actions, egress, execution, secrets, and risky inputs.
Reliability & Trust
15.83/24
Operational stability, consistency, and trustworthiness over time.
Discovery & Governance
20.5/28
How well the server is documented, listed, and governed in public registries.
Adoption & Market
4/8
Adoption clues and public evidence that the server is intended for external use.
Algorithmic score breakdown
Auth Operability
2/4
Measures whether auth discovery and protected access behave predictably for clients.
Error Contract Quality
0.5/4
Grades machine-readable error structure, status alignment, and remediation hints.
Rate-Limit Semantics
2/4
Checks whether quota/throttle responses are deterministic and automation-friendly.
Schema Completeness
0/4
Completeness of tool descriptions, parameter docs, examples, and schema shape.
Backward Compatibility
4/4
Stability score across tool schema/name drift relative to prior validations.
SLO Health
3/4
Availability, latency, and burst-failure profile across recent validation history.
Security Hygiene
2/4
HTTPS posture, endpoint hygiene, and response-surface hardening checks.
Task Success
3.3/4
Can an agent reliably initialize, enumerate tools, and execute core MCP flows?
Trust Confidence
0.5/4
Confidence-adjusted reliability score that penalizes low evidence volume.
Abuse/Noise Resilience
2.5/4
How well the server preserves core behavior in the presence of noisy traffic patterns.
Prompt Contract
2/4
Quality of prompt metadata, argument shape, and prompt discoverability for clients.
Resource Contract
2/4
How completely resources and resource templates describe URIs, types, and usage shape.
Discovery Metadata
4/4
Homepage, docs, icon, repository, support, and license coverage for directory consumers.
Registry Consistency
2/4
Agreement between stored registry metadata, live server-card data, and current validation output.
Installability
2/4
How cleanly a real client can connect, initialize, enumerate tools, and proceed through auth.
Session Semantics
2.5/4
Determinism and state behavior across repeated MCP calls, including sticky-session surprises.
Tool Surface Design
0/4
Naming clarity, schema ergonomics, and parameter complexity across the tool surface.
Result Shape Stability
0/4
Stability of declared output schemas across validations, with penalties for drift or missing shapes.
OAuth Interop
3/4
Depth and client compatibility of OAuth/OIDC metadata beyond the minimal protected-resource check.
Recovery Semantics
0.4/4
Whether failures include actionable machine-readable next steps such as retry or upgrade guidance.
Maintenance Signal
2/4
Versioning, update recency, and historical validation cadence that indicate active stewardship.
Adoption Signal
2/4
Directory presence and distribution clues that suggest the server is intended for external use.
Freshness Confidence
2.5/4
Confidence that recent validations are current enough and dense enough to trust operationally.
Transport Fidelity
4/4
Whether declared transport metadata matches the observed endpoint behavior and response formats.
Spec Recency
2/4
How close the server’s claimed MCP protocol version is to the latest known public revision.
Session Resume
4/4
Whether Streamable HTTP session identifiers and resumed requests behave cleanly for real clients.
Step-Up Auth
3/4
Whether OAuth metadata and WWW-Authenticate challenges support granular, incremental consent instead of broad upfront scopes.
Transport Compliance
3/4
Checks session headers, protocol-version enforcement, session teardown, and expired-session behavior.
Utility Coverage
2/4
Signals support for completions, pagination, and task-oriented utility surfaces that larger clients increasingly expect.
Advanced Capability Coverage
2/4
Coverage of newer MCP surfaces like roots, sampling, elicitation, structured output, and related metadata.
Connector Publishability
2/4
How ready the server looks for client catalogs and managed connector programs.
Tool Snapshot Churn
0/4
Stability of the tool surface across recent validations, including add/remove and output-shape drift.
Connector Replay
3/4
Whether a previously published frozen connector snapshot would remain backward compatible after the latest tool refresh.
Request Association
3/4
Whether roots, sampling, and elicitation appear tied to active client requests instead of arriving unsolicited on idle sessions.
Interactive Flow Safety
3/4
Whether prompts and docs steer users toward safe auth flows instead of pasting secrets directly.
Action Safety
3/4
Risk-weighted view of destructive, exec, egress, and confirmation semantics across the tool surface.
Official Registry Presence
4/4
Whether the server appears directly or indirectly in the official MCP registry.
Provenance Divergence
4/4
How closely official registry metadata, the live server card, and public repo/package signals agree with each other.
Safety Transparency
2/4
Clarity of docs, auth disclosure, support links, and other trust signals visible to integrators.
Tool Capability Clarity
0/4
How clearly the tool surface communicates whether each action reads, writes, deletes, executes, or exports data.
Destructive Operation Safety
3/4
Penalizes delete/revoke/destroy style tools unless auth and safeguards reduce blast radius.
Egress / SSRF Resilience
3/4
Assesses arbitrary URL fetch, crawl, webhook, and remote-request exposure on the tool surface.
Execution / Sandbox Safety
4/4
Evaluates shell, code, script, and command-execution exposure and whether that surface appears contained.
Data Exfiltration Resilience
3/4
Assesses export, dump, backup, and bulk-read behavior against the surrounding auth and safeguard signals.
Least Privilege Scope
3/4
Rewards scoped auth metadata and penalizes broad or missing scopes around privileged tools.
Secret Handling Hygiene
3/4
Assesses secret-bearing tools, token leakage risk, and whether the public surface avoids obvious secret exposure.
Supply Chain Signal
2.5/4
Public metadata signal for repository, changelog, license, versioning, and recency that supports supply-chain trust.
Input Sanitization Safety
0/4
Penalizes risky freeform string inputs when schemas do not constrain URLs, code, paths, queries, or templates.
Tool Namespace Clarity
0/4
Measures naming uniqueness and ambiguity across the tool namespace to reduce collision and confusion risk.
Compatibility profiles
OpenAI Connectors
66.7
partial
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.; tools/list must succeed.
Connector URL: https://borealhost.ai/mcp/ # No OAuth metadata detected. # Server: ai.borealhost/mcp
Claude Desktop
66.7
partial
tools/list must succeed.; A useful Claude integration needs at least one exposed tool.
{
"mcpServers": {
"mcp": {
"command": "npx",
"args": ["mcp-remote", "https://borealhost.ai/mcp/"]
}
}
}
Smithery
60.0
partial
Tool discovery must succeed.; Machine-readable failure semantics should be present.
smithery mcp add "https://borealhost.ai/mcp/"
Generic Streamable HTTP
83.3
compatible
tools/list must succeed.
curl -sS https://borealhost.ai/mcp/ -H 'content-type: application/json' -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-03-26","capabilities":{},"clientInfo":{"name":"mcp-verify","version":"0.1.0"}}}'
Actionable remediation
| Severity | Remediation | Why it matters | Recommended action |
|---|---|---|---|
| Critical | Ensure tools/list succeeds consistently | Tools discovery is the minimum viable contract for most MCP clients and directories. | Make tools/list succeed unauthenticated when possible, or document the auth flow in the server card.Playbook
|
| Critical | Respond to latest validation is failing | Core MCP flows did not validate successfully on the latest run. | Fix the failing checks first, then revalidate to confirm the recovery path.Playbook
|
| High | Align session and protocol behavior with Streamable HTTP expectations | Clients increasingly rely on MCP-Protocol-Version, session teardown, and expired-session semantics. | Align MCP-Protocol-Version, MCP-Session-Id, DELETE teardown, and expired-session handling with the transport spec.Playbook
|
| High | Associate roots, sampling, and elicitation with active client requests | Modern MCP guidance expects roots, sampling, and elicitation traffic to be tied to an active client request instead of arriving unsolicited on idle sessions. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| High | Expose /.well-known/oauth-protected-resource | Without a protected-resource document, OAuth clients cannot discover auth requirements reliably. | Serve /.well-known/oauth-protected-resource and point it at your authorization server metadata.Playbook
|
| High | Keep connector refreshes backward compatible | Managed connector clients freeze tool snapshots, so removed tools, new required args, and breaking output changes can break published integrations after refresh. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| High | Publish OAuth authorization-server metadata | Clients need authorization-server metadata to discover issuer, endpoints, and DCR support. | Publish /.well-known/oauth-authorization-server from your issuer and include registration_endpoint when supported.Playbook
|
| High | Publish a complete server card | Missing or incomplete server-card metadata weakens discovery, documentation, and trust signals. | Serve /.well-known/mcp/server-card.json and include tools, prompts/resources, homepage, and support links.Playbook
|
| High | Stop asking users to paste secrets directly | Public MCP servers should prefer OAuth or browser-based auth guidance over in-band secret collection. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Adopt a current MCP protocol revision | Older protocol revisions reduce compatibility with newer clients and registry programs. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Close connector-publishing gaps | Connector catalogs care about protocol recency, session behavior, auth clarity, and tool-surface stability. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Document minimal scopes and return cleaner auth challenges | Modern clients expect granular scopes and step-up auth signals such as WWW-Authenticate scope hints. | Return granular scopes and WWW-Authenticate challenge hints instead of forcing overly broad auth upfront.Playbook
|
| Medium | Publish OpenID configuration | OIDC metadata improves token validation and client compatibility. | Expose /.well-known/openid-configuration with issuer, jwks_uri, and supported grants.Playbook
|
| Medium | Raise Adoption & Market score | Adoption clues and public evidence that the server is intended for external use. | Increase external documentation and directory coverage so users can discover and evaluate the server.Playbook
|
| Medium | Raise Interface Quality score | How well the tool/resource interface communicates and behaves under automation. | Improve schemas, error contracts, and recovery messages so agents can reason about the surface automatically.Playbook
|
| Medium | Reduce tool-surface churn | Frequent add/remove or output-shape drift makes published connectors and cached tool snapshots brittle. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Repair prompts/list or stop advertising prompts | Prompt metadata should either work live or be removed from the advertised capability set. | Only advertise prompts if prompts/list works and prompt arguments are documented.Playbook
|
| Medium | Repair resources/list or stop advertising resources | Resource metadata should either work live or be removed from the advertised capability set. | Only advertise resources if resources/list works and resources expose stable URIs/types.Playbook
|
| Low | Expose modern utility surfaces like completions, pagination, or tasks | Utility coverage improves interoperability with larger clients and long-lived agent workflows. | Expose completions, pagination, and task metadata where supported so larger clients can plan and resume work safely.Playbook
|
| Low | Publish newer MCP capability signals | Roots, sampling, elicitation, structured outputs, and related metadata improve client understanding and ranking. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
Point loss breakdown
| Component | Current | Points missing |
|---|---|---|
| Tool Surface Design | 0/4 | -4.0 |
| Tool Snapshot Churn | 0/4 | -4.0 |
| Tool Namespace Clarity | 0/4 | -4.0 |
| Tool Capability Clarity | 0/4 | -4.0 |
| Schema Completeness | 0/4 | -4.0 |
| Result Shape Stability | 0/4 | -4.0 |
| Input Sanitization Safety | 0/4 | -4.0 |
| Recovery Semantics | 0.4/4 | -3.6 |
| Trust Confidence | 0.5/4 | -3.5 |
| Error Contract | 0.5/4 | -3.5 |
| Utility Coverage | 2/4 | -2.0 |
| Spec Recency | 2/4 | -2.0 |
Validation diff
Score delta
0.3
Summary changed
no
Tool delta
0
Prompt delta
0
Auth mode changed
no
Write surface expanded
no
Protocol regressed
no
Registry drift changed
no
Regressed checks: none
Improved checks: none
| Component | Previous | Latest | Delta |
|---|---|---|---|
freshness_confidence_score | 2.0 | 2.5 | 0.5 |
trust_confidence_score | 0.4 | 0.5 | 0.1 |
Tool snapshot diff & changelog
Need at least two validation runs before building a tool changelog.
Connector replay
Status
Missing
Backward compatible
Would break after refresh
Added tools
none
Removed tools
none
Additive output changes
none
Required-argument replay breaks
| Tool | Added required args | Removed required args |
|---|---|---|
| No required-argument replay breaks detected. | ||
Output-schema replay breaks
| Tool | Removed properties | Added properties |
|---|---|---|
| No output-schema replay breaks detected. | ||
Transport compliance drilldown
Probe status
Warning
Transport
streamable-http
Session header
yes
Protocol header
no
Bad protocol response
400
DELETE teardown
200
Expired session retry
404
Last-Event-ID visible
no
Issues: missing_protocol_header
Request association
Status
Missing
Advertised capabilities
none
Observed idle methods
none
Violating methods
none
Probe HTTP status
n/a
Issues
none
Utility coverage
Probe status
Missing
Completions
not detected
Completion probe target: none
Pagination
not detected
No nextCursor evidence.
Tasks
Missing
Advertised: no
Benchmark tasks
| Benchmark task | Status | Evidence |
|---|---|---|
| Discover tools | Likely to fail |
|
| Read-only fetch flow | Likely to fail |
|
| OAuth-required connect | Degraded |
|
| Safe write flow with confirmation | Passes |
|
Registry & provenance divergence
Probe status
OK
Direct official match
yes
Drift fields
none
| Field | Registry | Live server card |
|---|---|---|
| Title | n/a | n/a |
| Version | n/a | n/a |
| Homepage | n/a | n/a |
Active alerts
- Latest validation is failing (critical)
Core MCP flows did not validate successfully on the latest run.
Aliases & registry graph
| Identifier | Source | Canonical | Score |
|---|---|---|---|
ai.borealhost/mcp |
official_registry | yes | 55.97 |
Alias consolidation
Canonical identifier
ai.borealhost/mcp
Duplicate aliases
0
Registry sources
official_registry
Remote URLs
Homepages
Source disagreements
| Field | What differs | Observed values |
|---|---|---|
| No source disagreements detected. | ||
Install snippets
Openai Connectors
Connector URL: https://borealhost.ai/mcp/ # No OAuth metadata detected. # Server: ai.borealhost/mcp
Claude Desktop
{
"mcpServers": {
"mcp": {
"command": "npx",
"args": ["mcp-remote", "https://borealhost.ai/mcp/"]
}
}
}
Smithery
smithery mcp add "https://borealhost.ai/mcp/"
Generic Http
curl -sS https://borealhost.ai/mcp/ -H 'content-type: application/json' -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-03-26","capabilities":{},"clientInfo":{"name":"mcp-verify","version":"0.1.0"}}}'
Agent access & tool surface
Live server tools
No live tool surface captured yet.
Observed from the latest live validation against https://borealhost.ai/mcp/. This is the target server surface, not Verify's own inspection tools.
Live capability counts
0 tools • 0 prompts • 0 resources
Counts come from the latest
tools/list, prompts/list, and resources/list checks.Inspect with Verify
search fetch search_servers recommend_servers get_server_report compare_servers
Use Verify itself to search, recommend, compare, and fetch the full report for
ai.borealhost/mcp.Direct machine links
Claims & monitoring
Server ownership
No verified maintainer claim recorded.
Watch subscriptions
0
Teams: none
Alert routing
Active watches
0
Generic webhooks
0
Slack routes
0
Teams routes
0
Email routes
0
| Watch | Team | Channels | Minimum severity |
|---|---|---|---|
| No active watch destinations. | |||
Maintainer analytics
Validation Run Count
5
Average Latency Ms
1033.43
Healthy Run Ratio Recent
0.0
Registry Presence Count
1
Active Alert Count
1
Watcher Count
0
Verified Claim
False
Taxonomy Tags
web, cloud, automation
Score Trend
55.97, 55.67, 55.55, 55.44, 53.22
Remediation Count
20
High Risk Tool Count
0
Destructive Tool Count
0
Exec Tool Count
0
Maintainer response quality
Score
16.67
Verified claim
Support contact
Changelog present
Incident notes present
Tool changes documented
Annotation history
Annotation count
0
Maintainer annotations
No maintainer annotations have been recorded yet.
Maintainer rebuttals & expected behavior
No maintainer rebuttals or expected-behavior overrides are recorded yet.
Latest validation evidence
Latest summary
Failing
Validation profile
remote_mcp
Started
May 13, 2026 10:43:38 AM UTC
Latency
895.3 ms
Failures
oauth_authorization_serverno authorization serveroauth_protected_resourceClient error '404 Not Found' for url 'https://borealhost.ai/.well-known/oauth-protected-resource' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404openid_configurationno authorization serverserver_cardClient error '404 Not Found' for url 'https://borealhost.ai/.well-known/mcp/server-card.json' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404tools_listClient error '400 Bad Request' for url 'https://borealhost.ai/mcp/' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400
Checks
| Check | Status | Latency | Evidence |
|---|---|---|---|
action_safety_probe |
OK | n/a | No high-risk write, destructive, or exec tools detected. |
advanced_capabilities_probe |
Missing | n/a | No advanced MCP capability signals detected. |
connector_publishability_probe |
Error | n/a | Publishability blockers: tools list, server card, tool surface. |
connector_replay_probe |
Missing | n/a | No connector replay evidence recorded. |
determinism_probe |
Missing | n/a | tools list unavailable |
initialize |
OK | 36.3 ms | Protocol 2025-03-26 |
interactive_flow_probe |
Missing | n/a | Check completed |
oauth_authorization_server |
Missing | n/a | no authorization server |
oauth_protected_resource |
Error | 64.7 ms | Client error '404 Not Found' for url 'https://borealhost.ai/.well-known/oauth-protected-resource' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404 |
official_registry_probe |
OK | n/a | Check completed |
openid_configuration |
Missing | n/a | no authorization server |
probe_noise_resilience |
OK | 127.6 ms | Fetched https://borealhost.ai/robots.txt |
prompt_get |
Missing | n/a | not advertised |
prompts_list |
Missing | 101.7 ms | Client error '400 Bad Request' for url 'https://borealhost.ai/mcp/' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400 |
protocol_version_probe |
Warning | n/a | Claims 2025-03-26; 2 release(s) behind 2025-11-25. |
provenance_divergence_probe |
OK | n/a | Check completed |
request_association_probe |
Missing | n/a | No request-association capabilities were advertised. |
resource_read |
Missing | n/a | not advertised |
resources_list |
Missing | 92.2 ms | Client error '400 Bad Request' for url 'https://borealhost.ai/mcp/' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400 |
server_card |
Error | 160.4 ms | Client error '404 Not Found' for url 'https://borealhost.ai/.well-known/mcp/server-card.json' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404 |
session_resume_probe |
OK | 126.7 ms | 95 tool(s) exposed |
step_up_auth_probe |
Missing | n/a | No OAuth or incremental-scope signals detected. |
tool_snapshot_probe |
Missing | n/a | no tools |
tools_list |
Error | 40.3 ms | Client error '400 Bad Request' for url 'https://borealhost.ai/mcp/' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400 |
transport_compliance_probe |
Warning | 56.5 ms | Issues: missing protocol header (bad protocol=400, DELETE=200, expired session=404). |
utility_coverage_probe |
Missing | 28.9 ms | No completions evidence; no pagination evidence; tasks missing. |
Raw evidence view
Show raw JSON evidence
{
"checks": {
"action_safety_probe": {
"details": {
"auth_present": false,
"confirmation_signals": [],
"safeguard_count": 0,
"summary": {
"bulk_access_tools": 0,
"capability_distribution": {},
"destructive_tools": 0,
"egress_tools": 0,
"exec_tools": 0,
"high_risk_tools": 0,
"risk_distribution": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0
},
"secret_tools": 0,
"tool_count": 0
}
},
"latency_ms": null,
"status": "ok"
},
"advanced_capabilities_probe": {
"details": {
"capabilities": {
"completions": false,
"elicitation": false,
"prompts": false,
"resource_links": false,
"resources": false,
"roots": false,
"sampling": false,
"structured_outputs": false
},
"enabled": [],
"enabled_count": 0,
"initialize_capability_keys": [
"experimental",
"prompts",
"resources",
"tools"
]
},
"latency_ms": null,
"status": "missing"
},
"connector_publishability_probe": {
"details": {
"blockers": [
"tools_list",
"server_card",
"tool_surface"
],
"criteria": {
"action_safety": true,
"auth_flow": true,
"connector_replay": true,
"initialize": true,
"protocol_version": true,
"remote_transport": true,
"request_association": true,
"server_card": false,
"session_resume": true,
"step_up_auth": true,
"tool_surface": false,
"tools_list": false,
"transport_compliance": true
},
"high_risk_tools": 0,
"tool_count": 0,
"transport": "streamable-http"
},
"latency_ms": null,
"status": "error"
},
"connector_replay_probe": {
"details": {
"reason": "no_tools"
},
"latency_ms": null,
"status": "missing"
},
"determinism_probe": {
"details": {
"reason": "tools_list_unavailable"
},
"latency_ms": null,
"status": "missing"
},
"initialize": {
"details": {
"headers": {
"content-type": "text/event-stream",
"mcp-session-id": "9e47197d0e10454f903bfdd449777631"
},
"http_status": 200,
"payload": {
"id": 1,
"jsonrpc": "2.0",
"result": {
"capabilities": {
"experimental": {},
"prompts": {
"listChanged": false
},
"resources": {
"listChanged": false,
"subscribe": false
},
"tools": {
"listChanged": false
}
},
"instructions": "# BorealHost \u2014 Agent Instructions\n\nYou are connected to BorealHost.ai, an agent-native web hosting platform based in Quebec, Canada. All prices are in **CAD**. You can purchase hosting, deploy sites, manage DNS, register domains, and scale infrastructure \u2014 entirely through these tools, without human intervention.\n\n## Quick Start Workflow\n\n1. **Discover plans** \u2014 call `list_plans()` to see available hosting plans with pricing and resources\n2. **Create checkout** \u2014 call `create_checkout(sku)` with a SKU like `bh_site_starter_monthly`\n3. **Set buyer info** \u2014 call `update_checkout(checkout_id, requested_slug=\"my-site\")` to pick a site name\n4. **Pay** \u2014 call `complete_checkout(checkout_id)` to process payment\n5. **Poll provisioning** \u2014 call `get_checkout_status(checkout_id)` until status is `completed`\n6. **Manage your site** \u2014 use `get_site_status`, `manage_dns`, `deploy`, file tools, etc.\n\n## Authentication\n\n- **API key format:** `bh_<48 hex chars>` \u2014 pass as `Authorization: Bearer <key>`\n- **Session-based:** Call `set_api_key(\"bh_...\")` to activate an existing key for this session \u2014 all subsequent tools will use it automatically\n- **Auto-activation:** Keys are automatically activated when returned by `register()`, `complete_checkout()`, or `get_checkout_status()` \u2014 no extra step needed\n- **Environment variable:** Optionally set `BOREALHOST_API_KEY` before connecting (used as default if no session key is set)\n- **Scopes:** `read` (view data), `write` (modify resources), `admin` (delete/scale)\n- **One-time display:** API keys are shown **exactly once** on creation or rotation \u2014 store immediately\n- **New agents:** Call `register()` \u2014 no auth needed, returns a fresh read+write key and activates it\n- **Existing users:** Call `set_api_key()` with the owner's key from the BorealHost panel\n- **On-site agents (challenge-response):** If you are running on a BorealHost container and need an API key, use the two-step claim flow:\n 1. Call `request_api_key(\"your-site-slug\")` \u2014 a claim token is written to your container\n 2. Read the token file from the container filesystem\n 3. Call `claim_api_key(token)` \u2014 the API key is returned and auto-activated\n This proves you have access to the container without storing secrets on disk.\n- Some tools require no authentication: `list_plans`, `create_checkout`, `update_checkout`, `complete_checkout`, `get_checkout_status`, `request_api_key`\n\n## SKU Format\n\nPlan SKUs follow the pattern: `bh_{plan_slug}_{billing_period}`\n\nExamples:\n- `bh_site_starter_monthly` / `bh_site_starter_annual`\n- `bh_site_pro_monthly` / `bh_site_pro_annual`\n- `bh_site_managed_monthly` / `bh_site_managed_annual`\n- `bh_site_business_monthly` / `bh_site_business_annual`\n\nCall `list_plans()` to discover all current plan slugs.\n\n## Payment Methods\n\nTwo options in `complete_checkout()`:\n\n1. **`stripe_checkout`** (default) \u2014 Returns a Stripe-hosted payment URL. Present this URL to the human user. Then poll `get_checkout_status()` until status becomes `completed`. The API key is included in the first poll response after completion (shown once, then cleared).\n\n2. **`stripe_payment_method`** \u2014 Charges a Stripe PaymentMethod directly. Requires `payment_method_id` parameter. On success, the response includes the API key immediately. No polling needed.\n\n## Polling Strategy\n\nWhen waiting for checkout completion or provisioning:\n- **First 60 seconds:** Poll every **5 seconds**\n- **After 60 seconds:** Poll every **15 seconds**\n- **Timeout:** Stop after **10 minutes** \u2014 if still not completed, something went wrong\n\nTerminal checkout statuses: `completed`, `canceled`, `failed`\n\n## Error Handling\n\nAll API responses use a consistent envelope:\n```json\n{\"ok\": true, \"data\": {...}, \"meta\": {\"request_id\": \"uuid\", \"timestamp\": \"iso8601\"}}\n{\"ok\": false, \"error\": {\"code\": \"ERROR_CODE\", \"message\": \"Human-readable message\"}, \"meta\": {...}}\n```\n\nTools unwrap this envelope \u2014 you receive the `data` directly on success, or an exception on error.\n\n### Error Codes and Recovery\n\n| Code | HTTP | Meaning | Recovery |\n|------|------|---------|----------|\n| `VALIDATION_ERROR` | 422 | Invalid input (bad email, slug, SKU, etc.) | Fix the input and retry |\n| `NOT_FOUND` | 404 | Resource doesn't exist | Check the identifier (slug, domain, key ID) |\n| `UNAUTHORIZED` | 401 | Missing or invalid API key | Set `BOREALHOST_API_KEY` or call `register()` |\n| `FORBIDDEN` | 403 | Insufficient scope or wrong owner | Check that your key has the required scope |\n| `RATE_LIMITED` | 429 | Too many requests | Wait for the duration in the `Retry-After` header, then retry |\n| `INTERNAL_ERROR` | 500 | Server error | Retry with exponential backoff (1s, 2s, 4s) up to 3 times |\n\n## Slug Rules\n\nSite slugs must match: `^[a-z0-9][a-z0-9-]{1,48}[a-z0-9]$`\n- 3\u201350 characters\n- Lowercase alphanumeric and hyphens only\n- Cannot start or end with a hyphen\n- Must be globally unique \u2014 if taken, try a different one\n\n## Best Practices\n\n- **Store API keys immediately** \u2014 they are shown only once and cannot be retrieved\n- **Create snapshots before destructive operations** \u2014 call `create_snapshot()` before scaling down or decommissioning\n- **Check site status after provisioning** \u2014 call `get_site_status()` to confirm the site is ready before managing it\n- **Use `whoami()` to verify your key** \u2014 confirms scopes, account info, and active site count\n- **Domain registration requires complete WHOIS contact info** \u2014 have all fields ready before calling `register_domain()`\n- **For .ca domains**, always provide `ca_legal_type` (CCT for corporation, CCO for citizen, RES for resident)\n\n## Available Resources\n\nRead these MCP resources for detailed reference data:\n- `borealhost://api/errors` \u2014 Full error code catalog with recovery guidance\n- `borealhost://api/scopes` \u2014 API key scope descriptions and tool requirements\n- `borealhost://api/enums` \u2014 All valid enum values (checkout status, DNS types, log types, etc.)\n- `borealhost://api/response-format` \u2014 API response envelope documentation\n- `borealhost://plans` \u2014 Live plan catalog with current pricing\n\n## Available Prompts\n\nUse these MCP prompts for guided workflows:\n- `purchase_hosting` \u2014 Step-by-step hosting purchase flow\n- `setup_site` \u2014 Post-purchase site configuration (DNS, deploy, modules)\n- `manage_dns` \u2014 Common DNS operations guide\n- `register_domain` \u2014 Domain registration with WHOIS field checklist\n",
"protocolVersion": "2025-03-26",
"serverInfo": {
"name": "BorealHost",
"version": "1.27.0"
}
}
},
"url": "https://borealhost.ai/mcp/"
},
"latency_ms": 36.33,
"status": "ok"
},
"interactive_flow_probe": {
"details": {
"oauth_supported": false,
"prompt_available": false,
"risk_hits": [],
"safe_hits": []
},
"latency_ms": null,
"status": "missing"
},
"oauth_authorization_server": {
"details": {
"reason": "no_authorization_server"
},
"latency_ms": null,
"status": "missing"
},
"oauth_protected_resource": {
"details": {
"error": "Client error '404 Not Found' for url 'https://borealhost.ai/.well-known/oauth-protected-resource'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://borealhost.ai/.well-known/oauth-protected-resource"
},
"latency_ms": 64.69,
"status": "error"
},
"official_registry_probe": {
"details": {
"direct_match": true,
"official_peer_count": 1,
"registry_identifier": "ai.borealhost/mcp",
"registry_source": "official_registry"
},
"latency_ms": null,
"status": "ok"
},
"openid_configuration": {
"details": {
"reason": "no_authorization_server"
},
"latency_ms": null,
"status": "missing"
},
"probe_noise_resilience": {
"details": {
"headers": {
"content-type": "text/plain",
"strict-transport-security": "max-age=31536000; includeSubDomains; preload"
},
"http_status": 200,
"url": "https://borealhost.ai/robots.txt"
},
"latency_ms": 127.61,
"status": "ok"
},
"prompt_get": {
"details": {
"reason": "not_advertised"
},
"latency_ms": null,
"status": "missing"
},
"prompts_list": {
"details": {
"error": "Client error '400 Bad Request' for url 'https://borealhost.ai/mcp/'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400",
"headers": {
"content-type": "application/json",
"mcp-session-id": "43257b40dfdc4a8081d7ce82cf1ba112"
},
"http_status": 400,
"payload": {},
"reason": "not_advertised",
"url": "https://borealhost.ai/mcp/"
},
"latency_ms": 101.67,
"status": "missing"
},
"protocol_version_probe": {
"details": {
"claimed_version": "2025-03-26",
"lag_days": 244,
"latest_known_version": "2025-11-25",
"releases_behind": 2,
"validator_protocol_version": "2025-03-26"
},
"latency_ms": null,
"status": "warning"
},
"provenance_divergence_probe": {
"details": {
"direct_official_match": true,
"drift_fields": [],
"metadata_document_count": 2,
"registry_homepage": null,
"registry_repository": null,
"registry_title": null,
"registry_version": null,
"server_card_homepage": null,
"server_card_repository": null,
"server_card_title": null,
"server_card_version": null
},
"latency_ms": null,
"status": "ok"
},
"request_association_probe": {
"details": {
"reason": "no_request_association_capabilities_advertised"
},
"latency_ms": null,
"status": "missing"
},
"resource_read": {
"details": {
"reason": "not_advertised"
},
"latency_ms": null,
"status": "missing"
},
"resources_list": {
"details": {
"error": "Client error '400 Bad Request' for url 'https://borealhost.ai/mcp/'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400",
"headers": {
"content-type": "application/json",
"mcp-session-id": "2b60271284f741ffa9b485f875290993"
},
"http_status": 400,
"payload": {},
"reason": "not_advertised",
"url": "https://borealhost.ai/mcp/"
},
"latency_ms": 92.2,
"status": "missing"
},
"server_card": {
"details": {
"error": "Client error '404 Not Found' for url 'https://borealhost.ai/.well-known/mcp/server-card.json'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://borealhost.ai/.well-known/mcp/server-card.json"
},
"latency_ms": 160.38,
"status": "error"
},
"session_resume_probe": {
"details": {
"headers": {
"content-type": "text/event-stream",
"mcp-session-id": "9e47197d0e10454f903bfdd449777631"
},
"http_status": 200,
"payload": {
"id": 301,
"jsonrpc": "2.0",
"result": {
"tools": [
{
"description": "Register a new agent account and get an API key.\n\nNo authentication needed. The returned API key grants read+write access\nto all BorealHost API endpoints. Store it securely \u2014 it cannot be\nretrieved again.\n\nThe key is automatically activated for this session \u2014 all subsequent\ntool calls will use it. No extra configuration needed.\n\nIf no email is provided, a synthetic agent identity is created\n(agent-{uuid}@api.borealhost.ai). If an email is provided, it links\nto an existing or new human account.\n\nArgs:\n name: Human-readable name for this API key (default: \"Agent Key\")\n email: Optional email to link to a human account\n\nReturns:\n {\"api_key\": \"bh_...\", \"key_id\": \"uuid\", \"prefix\": \"bh_...\",\n \"scopes\": [\"read\", \"write\"], \"account_id\": \"uuid\",\n \"message\": \"Store this API key securely...\"}\n\nErrors:\n RATE_LIMITED: Max 5 registrations per IP per hour\n VALIDATION_ERROR: Invalid email format\n",
"inputSchema": {
"properties": {
"email": {
"default": "",
"title": "Email",
"type": "string"
},
"name": {
"default": "Agent Key",
"title": "Name",
"type": "string"
}
},
"title": "registerArguments",
"type": "object"
},
"name": "register"
},
{
"description": "Set your BorealHost API key for this session.\n\nCall this if you already have an API key (from a previous registration,\ncheckout completion, or the BorealHost panel). All subsequent tool calls\nwill use this key for authentication.\n\nNo need to call this after register() \u2014 the key is set automatically.\n\nArgs:\n api_key: Your BorealHost API key (format: bh_<48 hex chars>)\n\nReturns:\n {\"success\": true, \"message\": \"API key set for this session\",\n \"key_prefix\": \"bh_...\"}\n",
"inputSchema": {
"properties": {
"api_key": {
"title": "Api Key",
"type": "string"
}
},
"required": [
"api_key"
],
"title": "set_api_keyArguments",
"type": "object"
},
"name": "set_api_key"
},
{
"description": "Check the current API key's account info, scopes, and site count.\n\nRequires: BOREALHOST_API_KEY env var (read scope).\n\nReturns:\n {\"user\": {\"id\": \"uuid\", \"email\": \"...\", \"date_joined\": \"iso8601\"},\n \"api_key\": {\"id\": \"uuid\", \"name\": \"...\", \"prefix\": \"bh_...\",\n \"scopes\": [\"read\", \"write\"], \"created_at\": \"iso8601\"},\n \"account\": {\"sites\": 2, \"active_subscriptions\": 1}}\n\nErrors:\n UNAUTHORIZED: Missing or invalid API key\n",
"inputSchema": {
"properties": {},
"title": "whoamiArguments",
"type": "object"
},
"name": "whoami"
},
{
"description": "Request an API key for a site you are running on (challenge-response).\n\nThis starts a two-step verification flow:\n1. A claim token is written to your container at ~/.borealhost/.claim_token\n (mode 600, owner admin \u2014 only readable if you're on the container)\n2. Read that file and call claim_api_key(token) within 1 hour\n\nThis proves you have access to the container without storing any secrets\non disk permanently. The claim token is single-use and ephemeral.\n\nNo authentication needed \u2014 the proof is reading the file from the container.\n\nArgs:\n site_slug: The site identifier (your BorealHost site slug)\n\nReturns:\n {\"status\": \"pending\", \"site_slug\": \"my-site\",\n \"expires_in_seconds\": 3600, \"claim_path\": \"~/.borealhost/.claim_token\",\n \"instructions\": \"Read the claim token and call claim_api_key()...\"}\n\nErrors:\n VALIDATION_ERROR: Unknown site slug or no active subscription\n RATE_LIMITED: Too many pending claim tokens\n",
"inputSchema": {
"properties": {
"site_slug": {
"title": "Site Slug",
"type": "string"
}
},
"required": [
"site_slug"
],
"title": "request_api_keyArguments",
"type": "object"
},
"name": "request_api_key"
},
{
"description": "Claim an API key using a claim token from the container.\n\nAfter calling request_api_key(), read the claim token from\n~/.borealhost/.claim_token on your container and pass it here.\n\nThe token is single-use \u2014 once claimed, it cannot be used again.\nThe API key is automatically activated for this MCP session.\n\nArgs:\n claim_token: The claim token string read from the container file\n\nReturns:\n {\"api_key\": \"bh_...\", \"key_prefix\": \"bh_...\",\n \"site_slug\": \"my-site\", \"scopes\": [\"read\", \"write\"],\n \"message\": \"API key created and activated...\"}\n\nErrors:\n VALIDATION_ERROR: Invalid, expired, or already-claimed token\n",
"inputSchema": {
"properties": {
"claim_token": {
"title": "Claim Token",
"type": "string"
}
},
"required": [
"claim_token"
],
"title": "claim_api_keyArguments",
"type": "object"
},
"name": "claim_api_key"
},
{
"description": "List available hosting plans with pricing and resources.\n\nNo authentication needed.\n\nArgs:\n track: Filter by plan track. Valid values: \"single_site\", \"agency\".\n Leave empty to list all tracks.\n include_deprecated: Include deprecated plans (default: false)\n\nReturns:\n [{\"slug\": \"site_starter\", \"name\": \"Starter\", \"track\": \"single_site\",\n \"hosting_type\": \"shared\", \"price\": {\"monthly\": 5, \"annual\": 2, \"currency\": \"CAD\"},\n \"resources\": null, \"features\": {\"max_sites\": 1, \"ai_modules\": [...],\n \"ai_agents\": [], \"free_domain_annual\": false}}, ...]\n",
"inputSchema": {
"properties": {
"include_deprecated": {
"default": false,
"title": "Include Deprecated",
"type": "boolean"
},
"track": {
"default": "",
"title": "Track",
"type": "string"
}
},
"title": "list_plansArguments",
"type": "object"
},
"name": "list_plans"
},
{
"description": "Start a new checkout session to purchase a hosting plan.\n\nNo authentication needed. After creating, call update_checkout to set\nbuyer info, then complete_checkout to pay.\n\nArgs:\n sku: Plan SKU in format bh_{plan_slug}_{monthly|annual}.\n Examples: \"bh_site_starter_monthly\", \"bh_site_pro_annual\",\n \"bh_site_managed_monthly\", \"bh_site_business_annual\".\n Call list_plans() to discover all available plan slugs.\n\nReturns:\n {\"id\": \"uuid\", \"sku\": \"bh_site_starter_monthly\",\n \"plan_slug\": \"site_starter\", \"billing_period\": \"monthly\",\n \"status\": \"not_ready\", \"buyer_email\": \"\", \"requested_slug\": \"\",\n \"created_at\": \"iso8601\", \"checkout_secret\": \"base64-token\"}\n\nErrors:\n VALIDATION_ERROR: Invalid SKU format or unknown plan\n RATE_LIMITED: Max 10 checkouts per IP per hour\n",
"inputSchema": {
"properties": {
"sku": {
"title": "Sku",
"type": "string"
}
},
"required": [
"sku"
],
"title": "create_checkoutArguments",
"type": "object"
},
"name": "create_checkout"
},
{
"description": "Set buyer email and desired site slug on a checkout session.\n\nThe checkout must be in \"not_ready\" status. Setting requested_slug\ntransitions status to \"ready\" (required before completing).\n\nArgs:\n checkout_id: Checkout session ID from create_checkout\n buyer_email: Optional email \u2014 if omitted, a synthetic agent identity\n (agent-{uuid}@api.borealhost.ai) is created at completion\n requested_slug: Desired site identifier. Must be 3-50 chars, lowercase\n alphanumeric + hyphens, cannot start/end with hyphen.\n Must be globally unique.\n\nReturns:\n {\"id\": \"uuid\", \"sku\": \"...\", \"plan_slug\": \"...\",\n \"billing_period\": \"monthly\", \"status\": \"ready\",\n \"buyer_email\": \"...\", \"requested_slug\": \"my-site\",\n \"created_at\": \"iso8601\"}\n\nErrors:\n VALIDATION_ERROR: Invalid slug format or slug already taken\n FORBIDDEN: Missing checkout_secret\n NOT_FOUND: Unknown checkout_id\n",
"inputSchema": {
"properties": {
"buyer_email": {
"default": "",
"title": "Buyer Email",
"type": "string"
},
"checkout_id": {
"title": "Checkout Id",
"type": "string"
},
"requested_slug": {
"default": "",
"title": "Requested Slug",
"type": "string"
}
},
"required": [
"checkout_id"
],
"title": "update_checkoutArguments",
"type": "object"
},
"name": "update_checkout"
},
{
"description": "Complete checkout with payment and start site provisioning.\n\nThe checkout must be in \"ready\" status.\n\nTwo payment methods:\n- \"stripe_checkout\" (default): Returns a short, chat-safe payment URL.\n **Present `payment_url` to the human \u2014 NOT `stripe_checkout_url`.**\n The raw Stripe URL has a required `#fragment` that chat UIs routinely\n strip when rendering markdown links, which causes Stripe to show\n \"page not found\". `payment_url` is a short BorealHost redirect that\n preserves the fragment via HTTP 302. Then poll get_checkout_status()\n until status becomes \"completed\". The API key appears in the first\n poll after payment (shown once, then cleared).\n- \"stripe_payment_method\": Charges a Stripe PaymentMethod directly.\n Requires payment_method_id. On success, returns the API key immediately.\n\nArgs:\n checkout_id: Checkout session ID\n payment_method: \"stripe_checkout\" or \"stripe_payment_method\"\n payment_method_id: Stripe PaymentMethod ID (pm_...). Required only\n for \"stripe_payment_method\".\n\nReturns (stripe_checkout):\n {\"id\": \"uuid\", \"status\": \"awaiting_payment\",\n \"payment_url\": \"https://borealhost.ai/pay/<id>/?s=<secret>\",\n \"stripe_checkout_url\": \"https://checkout.stripe.com/c/pay/...\",\n \"message\": \"Present payment_url to the human...\"}\n\nReturns (stripe_payment_method):\n {\"id\": \"uuid\", \"status\": \"completed\", \"api_key\": \"bh_...\",\n \"api_key_message\": \"Store this API key securely...\",\n \"subscription_id\": \"uuid\", \"provisioning_job_id\": \"uuid\"}\n\nErrors:\n VALIDATION_ERROR: Missing payment_method_id for stripe_payment_method\n FORBIDDEN: Checkout not in \"ready\" status\n",
"inputSchema": {
"properties": {
"checkout_id": {
"title": "Checkout Id",
"type": "string"
},
"payment_method": {
"default": "stripe_checkout",
"title": "Payment Method",
"type": "string"
},
"payment_method_id": {
"default": "",
"title": "Payment Method Id",
"type": "string"
}
},
"required": [
"checkout_id"
],
"title": "complete_checkoutArguments",
"type": "object"
},
"name": "complete_checkout"
},
{
"description": "Poll a checkout session for status updates.\n\nCall this after complete_checkout to track payment and provisioning.\n\nPolling strategy:\n- First 60 seconds: every 5 seconds\n- After 60 seconds: every 15 seconds\n- Stop after 10 minutes if not completed\n\nCheckout statuses (in order):\n- \"not_ready\": Missing required fields (slug)\n- \"ready\": All fields set, awaiting payment\n- \"awaiting_payment\": Stripe checkout page opened, waiting for human\n- \"in_progress\": Payment received, site being provisioned\n- \"completed\": Site ready \u2014 API key included (shown once, then cleared)\n- \"canceled\": Checkout was abandoned\n- \"failed\": Payment or provisioning failed\n\nTerminal statuses: \"completed\", \"canceled\", \"failed\".\n\nArgs:\n checkout_id: Checkout session ID\n\nReturns (when completed):\n {\"id\": \"uuid\", \"status\": \"completed\", \"api_key\": \"bh_...\",\n \"api_key_message\": \"Store this API key securely...\",\n \"subscription_id\": \"uuid\", \"completed_at\": \"iso8601\"}\n\nNote: The api_key field appears ONCE in the first poll after completion,\nthen is permanently cleared. Store it immediately.\n",
"inputSchema": {
"properties": {
"checkout_id": {
"title": "Checkout Id",
"type": "string"
}
},
"required": [
"checkout_id"
],
"title": "get_checkout_statusArguments",
"type": "object"
},
"name": "get_checkout_status"
},
{
"description": "Get detailed status of a hosted site including resources, domains, and modules.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier (the slug chosen during checkout)\n\nReturns:\n {\"slug\": \"my-site\", \"plan\": \"site_starter\", \"status\": \"active\",\n \"domains\": [\"my-site.borealhost.ai\"], \"modules\": {...},\n \"resources\": {\"memory_mb\": 512, \"cpu_cores\": 1, \"disk_gb\": 10},\n \"created_at\": \"iso8601\"}\n\nErrors:\n NOT_FOUND: Unknown slug or not owned by this account\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "get_site_statusArguments",
"type": "object"
},
"name": "get_site_status"
},
{
"description": "Create or delete DNS records for a site.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n action: \"create\" or \"delete\"\n record_type: \"A\", \"AAAA\", \"CNAME\", \"MX\", \"TXT\", or \"SRV\"\n subdomain: Subdomain part (e.g. \"www\", \"mail\"). Leave empty for\n the apex/root domain.\n value: Record value. Required for \"create\". Examples:\n A: \"1.2.3.4\", CNAME: \"example.com\", MX: \"mail.example.com\",\n TXT: \"v=spf1 include:_spf.google.com ~all\"\n ttl: Time to live in seconds (default: 3600)\n\nReturns:\n {\"success\": true, \"record\": {\"type\": \"A\", \"subdomain\": \"www\",\n \"value\": \"1.2.3.4\", \"ttl\": 3600}}\n\nErrors:\n VALIDATION_ERROR: Missing value for create, invalid record type\n NOT_FOUND: Unknown slug\n",
"inputSchema": {
"properties": {
"action": {
"title": "Action",
"type": "string"
},
"record_type": {
"title": "Record Type",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
},
"subdomain": {
"default": "",
"title": "Subdomain",
"type": "string"
},
"ttl": {
"default": 3600,
"title": "Ttl",
"type": "integer"
},
"value": {
"default": "",
"title": "Value",
"type": "string"
}
},
"required": [
"slug",
"action",
"record_type"
],
"title": "manage_dnsArguments",
"type": "object"
},
"name": "manage_dns"
},
{
"description": "Trigger a deployment for a site.\n\nRequires: API key with write scope. This may take up to 60 seconds.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"success\": true, \"message\": \"Deployment triggered\"}\n\nErrors:\n NOT_FOUND: Unknown slug\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "deployArguments",
"type": "object"
},
"name": "deploy"
},
{
"description": "Install an app template on a VPS/Cloud site.\n\nStarts a background installation. Poll get_app_status() for progress.\n\nRequires: API key with write scope. VPS or Cloud plan only.\n\nArgs:\n slug: Site identifier\n template: App template slug. Available: django, laravel, nextjs, nodejs,\n nuxtjs, rails, static, forge\n app_name: Short name for the app (2-50 chars, lowercase alphanumeric + hyphens).\n Used as subdomain: {app_name}.{site_domain}\n db_type: Database type. \"none\", \"mysql\", or \"postgresql\" (depends on template)\n domain: Custom domain override (default: {app_name}.{site_domain})\n display_name: Human-friendly name (default: derived from app_name)\n\nReturns:\n {\"id\": \"uuid\", \"app_name\": \"forge\", \"status\": \"installing\",\n \"message\": \"Installation started. Poll for progress.\"}\n\nErrors:\n FORBIDDEN: Plan does not support apps (shared plans)\n VALIDATION_ERROR: Invalid template, app_name, or duplicate name\n",
"inputSchema": {
"properties": {
"app_name": {
"title": "App Name",
"type": "string"
},
"db_type": {
"default": "none",
"title": "Db Type",
"type": "string"
},
"display_name": {
"default": "",
"title": "Display Name",
"type": "string"
},
"domain": {
"default": "",
"title": "Domain",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
},
"template": {
"title": "Template",
"type": "string"
}
},
"required": [
"slug",
"template",
"app_name"
],
"title": "install_appArguments",
"type": "object"
},
"name": "install_app"
},
{
"description": "Get app installation status and log.\n\nPoll this after install_app() to track progress.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n app_id: App ID from install_app() response\n\nReturns:\n {\"id\": \"uuid\", \"app_name\": \"forge\", \"status\": \"running\"|\"installing\"|\"failed\",\n \"install_log\": \"...\"}\n\nStatuses: \"installing\", \"running\", \"stopped\", \"failed\", \"uninstalled\"\n",
"inputSchema": {
"properties": {
"app_id": {
"title": "App Id",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"app_id"
],
"title": "get_app_statusArguments",
"type": "object"
},
"name": "get_app_status"
},
{
"description": "List installed apps on a site.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"apps\": [{\"id\": \"uuid\", \"app_name\": \"forge\", \"template_slug\": \"forge\",\n \"status\": \"running\", \"domain\": \"forge.mysite.borealhost.ai\"}]}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "list_appsArguments",
"type": "object"
},
"name": "list_apps"
},
{
"description": "List all snapshots and scheduled snapshots for a site.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"snapshots\": [{\"id\": \"uuid\", \"name\": \"snap-...\", \"status\": \"completed\",\n \"storage_type\": \"local\"|\"b2\", \"size_bytes\": 1234, \"size_display\": \"1.2 Mo\",\n \"created_at\": \"iso8601\"}], \"scheduled\": [...]}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "list_snapshotsArguments",
"type": "object"
},
"name": "list_snapshots"
},
{
"description": "Create a local container snapshot (async).\n\nRuns in background \u2014 returns immediately with status \"creating\".\nPoll list_snapshots() to check when status becomes \"completed\" or \"failed\".\n\nAvailable for VPS, dedicated, and cloud plans (any plan with max_snapshots > 0).\nLocal snapshots are stored on the host disk and count against disk quota.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n description: Optional description (max 200 chars)\n\nReturns:\n {\"id\": \"uuid\", \"name\": \"snap-...\", \"status\": \"creating\",\n \"storage_type\": \"local\",\n \"message\": \"Snapshot started. Poll list_snapshots() to check status.\"}\n\nErrors:\n VALIDATION_ERROR: Max snapshots reached or insufficient disk quota\n",
"inputSchema": {
"properties": {
"description": {
"default": "",
"title": "Description",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "create_snapshotArguments",
"type": "object"
},
"name": "create_snapshot"
},
{
"description": "Create a B2 cloud-backed snapshot (zero local disk, async).\n\nStreams container data directly to Backblaze B2 via restic.\nNo local disk impact \u2014 billed separately at cost+5%.\nRuns in background \u2014 returns immediately with status \"creating\".\nPoll list_snapshots() to check when status becomes \"completed\".\nOnly available for VPS plans.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n description: Optional description (max 200 chars)\n\nReturns:\n {\"id\": \"uuid\", \"name\": \"...\", \"status\": \"creating\",\n \"storage_type\": \"b2\",\n \"message\": \"B2 cloud snapshot started. Poll list_snapshots()...\"}\n\nErrors:\n VALIDATION_ERROR: Not a VPS plan or max snapshots reached\n",
"inputSchema": {
"properties": {
"description": {
"default": "",
"title": "Description",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "create_b2_snapshotArguments",
"type": "object"
},
"name": "create_b2_snapshot"
},
{
"description": "Delete a snapshot (local or B2).\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n snapshot_id: UUID of the snapshot to delete\n\nReturns:\n {\"success\": true, \"message\": \"Snapshot deleted\"}\n\nErrors:\n NOT_FOUND: Snapshot not found\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
},
"snapshot_id": {
"title": "Snapshot Id",
"type": "string"
}
},
"required": [
"slug",
"snapshot_id"
],
"title": "delete_snapshotArguments",
"type": "object"
},
"name": "delete_snapshot"
},
{
"description": "Rollback a site to a previous snapshot.\n\nWARNING: This is destructive. The current state of the container will be\nreplaced with the snapshot contents.\n\nRequires: API key with admin scope.\n\nArgs:\n slug: Site identifier\n snapshot_id: UUID of the snapshot to rollback to\n\nReturns:\n {\"success\": true, \"message\": \"Rolled back to snapshot ...\"}\n\nErrors:\n NOT_FOUND: Snapshot not found or not in completed state\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
},
"snapshot_id": {
"title": "Snapshot Id",
"type": "string"
}
},
"required": [
"slug",
"snapshot_id"
],
"title": "rollback_snapshotArguments",
"type": "object"
},
"name": "rollback_snapshot"
},
{
"description": "Get snapshot disk usage and quota info for a site.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"disk_quota_gb\": 200, \"max_snapshots\": 5, \"snapshot_count\": 2,\n \"local_snapshot_bytes\": 1234, \"b2_snapshot_bytes\": 5678,\n \"can_create\": true}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "get_snapshot_usageArguments",
"type": "object"
},
"name": "get_snapshot_usage"
},
{
"description": "Schedule a snapshot for future execution.\n\nRequires: API key with write scope. Max 3 pending schedules per site.\n\nArgs:\n slug: Site identifier\n scheduled_at: ISO 8601 datetime (must be in the future)\n description: Optional description (max 200 chars)\n\nReturns:\n {\"id\": \"uuid\", \"scheduled_at\": \"iso8601\", \"status\": \"scheduled\"}\n\nErrors:\n VALIDATION_ERROR: Invalid datetime, not in future, or too many pending\n",
"inputSchema": {
"properties": {
"description": {
"default": "",
"title": "Description",
"type": "string"
},
"scheduled_at": {
"title": "Scheduled At",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"scheduled_at"
],
"title": "schedule_snapshotArguments",
"type": "object"
},
"name": "schedule_snapshot"
},
{
"description": "Cancel a scheduled snapshot.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n schedule_id: UUID of the scheduled snapshot to cancel\n\nReturns:\n {\"success\": true, \"message\": \"Scheduled snapshot cancelled\"}\n\nErrors:\n NOT_FOUND: Schedule not found or already executed\n",
"inputSchema": {
"properties": {
"schedule_id": {
"title": "Schedule Id",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"schedule_id"
],
"title": "cancel_scheduled_snapshotArguments",
"type": "object"
},
"name": "cancel_scheduled_snapshot"
},
{
"description": "List all backups for a site (automatic and manual).\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n [{\"id\": \"uuid\", \"backup_type\": \"auto\"|\"manual\", \"status\": \"completed\",\n \"size_bytes\": 1234, \"size_display\": \"1.2 Mo\",\n \"timestamp\": \"iso8601\", \"notes\": \"...\"}]\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "list_backupsArguments",
"type": "object"
},
"name": "list_backups"
},
{
"description": "Create a manual backup (runs asynchronously).\n\nThe backup starts in the background. Poll list_backups() to check status.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"id\": \"uuid\", \"status\": \"pending\",\n \"message\": \"Backup started. Poll list_backups() to check status.\"}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "create_backupArguments",
"type": "object"
},
"name": "create_backup"
},
{
"description": "Restore a site from a backup.\n\nWARNING: This is destructive. The current state of the site will be\nreplaced. Runs asynchronously \u2014 may take several minutes.\n\nRequires: API key with admin scope.\n\nArgs:\n slug: Site identifier\n backup_id: UUID of the backup to restore from\n\nReturns:\n {\"success\": true, \"message\": \"Restore started...\"}\n\nErrors:\n VALIDATION_ERROR: Backup not found or not in completed state\n",
"inputSchema": {
"properties": {
"backup_id": {
"title": "Backup Id",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"backup_id"
],
"title": "restore_backupArguments",
"type": "object"
},
"name": "restore_backup"
},
{
"description": "Get traffic and performance metrics for a site.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n days: Number of days of history (1\u201390, default: 7)\n\nReturns:\n {\"requests\": [...], \"bandwidth\": [...], \"errors\": [...],\n \"period\": {\"start\": \"iso8601\", \"end\": \"iso8601\"}}\n\nErrors:\n NOT_FOUND: Unknown slug\n VALIDATION_ERROR: days out of range\n",
"inputSchema": {
"properties": {
"days": {
"default": 7,
"title": "Days",
"type": "integer"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "get_metricsArguments",
"type": "object"
},
"name": "get_metrics"
},
{
"description": "Change a site's hosting plan (upgrade or downgrade).\n\nRequires: API key with admin scope. Best practice: create a snapshot\nbefore downgrading.\n\nArgs:\n slug: Site identifier\n new_plan: Target plan slug (e.g. \"site_pro\", \"site_managed\").\n Call list_plans() to see available plans.\n\nReturns:\n {\"success\": true, \"old_plan\": \"site_starter\", \"new_plan\": \"site_pro\",\n \"message\": \"Plan changed successfully\"}\n\nErrors:\n NOT_FOUND: Unknown slug\n VALIDATION_ERROR: Invalid plan slug or same plan\n",
"inputSchema": {
"properties": {
"new_plan": {
"title": "New Plan",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"new_plan"
],
"title": "scaleArguments",
"type": "object"
},
"name": "scale"
},
{
"description": "Delete a site and schedule resource cleanup (7-day grace period).\n\nWARNING: This is destructive. The site will be inaccessible immediately\nbut data is retained for 7 days before permanent deletion.\n\nBest practice: create a snapshot before decommissioning.\n\nRequires: API key with admin scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"success\": true, \"message\": \"Site scheduled for deletion\",\n \"grace_period_days\": 7}\n\nErrors:\n NOT_FOUND: Unknown slug\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "decommissionArguments",
"type": "object"
},
"name": "decommission"
},
{
"description": "Update account profile fields (email, language, name).\n\nRequires: API key with write scope.\nOnly provided (non-empty) fields are updated.\n\nArgs:\n email: New email address\n language: Language preference \u2014 \"fr\" (French) or \"en\" (English)\n first_name: First name\n last_name: Last name\n\nReturns:\n {\"success\": true, \"account\": {\"email\": \"...\", \"language\": \"fr\",\n \"first_name\": \"...\", \"last_name\": \"...\"}}\n\nErrors:\n VALIDATION_ERROR: Invalid email format or language code\n",
"inputSchema": {
"properties": {
"email": {
"default": "",
"title": "Email",
"type": "string"
},
"first_name": {
"default": "",
"title": "First Name",
"type": "string"
},
"language": {
"default": "",
"title": "Language",
"type": "string"
},
"last_name": {
"default": "",
"title": "Last Name",
"type": "string"
}
},
"title": "update_accountArguments",
"type": "object"
},
"name": "update_account"
},
{
"description": "Permanently anonymize the account. Cancels subscriptions, deactivates keys.\n\nWARNING: This is irreversible. The account will be soft-deleted and all\npersonal data anonymized. All sites will be decommissioned.\n\nRequires: API key with admin scope.\n\nReturns:\n {\"success\": true, \"message\": \"Account anonymized\"}\n",
"inputSchema": {
"properties": {},
"title": "delete_accountArguments",
"type": "object"
},
"name": "delete_account"
},
{
"description": "List all subscriptions with plan details, pricing, status, and site slug.\n\nRequires: API key with read scope.\n\nReturns:\n [{\"id\": \"uuid\", \"plan_slug\": \"site_starter\", \"plan_name\": \"Starter\",\n \"status\": \"active\", \"billing_period\": \"monthly\",\n \"price\": {\"amount\": 500, \"currency\": \"cad\"},\n \"site_slug\": \"my-site\", \"created_at\": \"iso8601\"}]\n",
"inputSchema": {
"properties": {},
"title": "list_subscriptionsArguments",
"type": "object"
},
"name": "list_subscriptions"
},
{
"description": "Get a Stripe billing portal URL for managing payment methods and invoices.\n\nReturns a URL (not a redirect) that the human can open in a browser.\n\nRequires: API key with read scope.\n\nArgs:\n flow: Optional. Set to \"payment_method_update\" to go directly\n to the payment method update page.\n\nReturns:\n {\"url\": \"https://billing.stripe.com/p/session/...\"}\n",
"inputSchema": {
"properties": {
"flow": {
"default": "",
"title": "Flow",
"type": "string"
}
},
"title": "get_billing_portalArguments",
"type": "object"
},
"name": "get_billing_portal"
},
{
"description": "Atomically rotate an API key. Old key is immediately invalidated.\n\nCreates a new key with the same name, scopes, and rate limits.\nThe new key is returned once \u2014 store it immediately.\n\nRequires: API key with write scope.\n\nArgs:\n key_id: UUID of the API key to rotate (get from whoami())\n\nReturns:\n {\"api_key\": \"bh_...\", \"key_id\": \"uuid\", \"prefix\": \"bh_...\",\n \"scopes\": [\"read\", \"write\"], \"message\": \"Key rotated. Store securely.\"}\n\nNote: The old key stops working immediately. Update BOREALHOST_API_KEY\nright away.\n",
"inputSchema": {
"properties": {
"key_id": {
"title": "Key Id",
"type": "string"
}
},
"required": [
"key_id"
],
"title": "rotate_keyArguments",
"type": "object"
},
"name": "rotate_key"
},
{
"description": "Create a new API key with specified scopes.\n\nCannot create keys with higher scopes than the current key.\nSite-scoped keys restrict access to a single site.\n\nRequires: API key with write scope.\n\nArgs:\n name: Human-readable name for the key (1-100 chars)\n scopes: Comma-separated scopes. Options: \"read\", \"read,write\",\n \"read,write,admin\". Default: \"read\"\n site_slug: Optional \u2014 restrict the key to a single site.\n Omit for account-wide access.\n\nReturns:\n {\"api_key\": \"bh_...\", \"key_id\": \"uuid\", \"prefix\": \"bh_...\",\n \"name\": \"My Key\", \"scopes\": [\"read\", \"write\"],\n \"message\": \"Store this API key securely \u2014 it will not be shown again.\"}\n\nErrors:\n VALIDATION_ERROR: Invalid name, scopes, or max 25 active keys\n FORBIDDEN: Cannot create keys with higher scopes than current key\n",
"inputSchema": {
"properties": {
"name": {
"title": "Name",
"type": "string"
},
"scopes": {
"default": "read",
"title": "Scopes",
"type": "string"
},
"site_slug": {
"default": "",
"title": "Site Slug",
"type": "string"
}
},
"required": [
"name"
],
"title": "create_api_keyArguments",
"type": "object"
},
"name": "create_api_key"
},
{
"description": "List all API keys for the account.\n\nShows key metadata (name, prefix, scopes, last used) but never the\nfull key value.\n\nRequires: API key with read scope.\n\nReturns:\n [{\"id\": \"uuid\", \"name\": \"My Key\", \"prefix\": \"bh_a2...\",\n \"scopes\": [\"read\", \"write\"], \"is_active\": true,\n \"created_at\": \"iso8601\", \"last_used_at\": \"iso8601\"|null,\n \"site_slug\": null|\"my-site\"}]\n",
"inputSchema": {
"properties": {},
"title": "list_api_keysArguments",
"type": "object"
},
"name": "list_api_keys"
},
{
"description": "Revoke (deactivate) an API key. The key stops working immediately.\n\nRequires: API key with write scope.\n\nArgs:\n key_id: UUID of the key to revoke (from list_api_keys or whoami)\n\nReturns:\n {\"success\": true, \"message\": \"API key revoked\"}\n\nErrors:\n NOT_FOUND: Key not found or already revoked\n",
"inputSchema": {
"properties": {
"key_id": {
"title": "Key Id",
"type": "string"
}
},
"required": [
"key_id"
],
"title": "revoke_api_keyArguments",
"type": "object"
},
"name": "revoke_api_key"
},
{
"description": "Get SSH connection info for a VPS/dedicated site.\n\nOnly available for VPS/dedicated plans (not shared hosting).\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"host\": \"184.107.x.x\", \"port\": 22, \"username\": \"admin\",\n \"ssh_command\": \"ssh admin@184.107.x.x\"}\n\nErrors:\n NOT_FOUND: Unknown slug\n FORBIDDEN: Plan does not support SSH (shared plans)\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "get_ssh_infoArguments",
"type": "object"
},
"name": "get_ssh_info"
},
{
"description": "Inject your SSH public key into a site's container for direct SSH access.\n\nThe key is appended to /home/admin/.ssh/authorized_keys.\nOnly available for VPS/dedicated plans.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n public_key: SSH public key string. Supported types:\n ssh-ed25519, ssh-rsa, ecdsa-sha2-nistp256/384/521\n\nReturns:\n {\"success\": true, \"message\": \"SSH key added\",\n \"ssh_command\": \"ssh admin@184.107.x.x\"}\n\nErrors:\n VALIDATION_ERROR: Invalid or unsupported key format\n FORBIDDEN: Plan does not support SSH\n",
"inputSchema": {
"properties": {
"public_key": {
"title": "Public Key",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"public_key"
],
"title": "add_ssh_keyArguments",
"type": "object"
},
"name": "add_ssh_key"
},
{
"description": "List files and directories in a site's container.\n\nPath scoping depends on the plan:\n- Shared plans: rooted at wp-content/ (WordPress content directory)\n- VPS/dedicated plans: full filesystem access\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n path: Relative path to list (empty for root of accessible area)\n\nReturns:\n {\"path\": \"/\", \"entries\": [{\"name\": \"index.php\", \"type\": \"file\",\n \"size\": 1234, \"modified\": \"iso8601\"}, {\"name\": \"uploads\",\n \"type\": \"directory\", \"modified\": \"iso8601\"}]}\n\nErrors:\n NOT_FOUND: Unknown slug or path doesn't exist\n",
"inputSchema": {
"properties": {
"path": {
"default": "",
"title": "Path",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "list_filesArguments",
"type": "object"
},
"name": "list_files"
},
{
"description": "Read the contents of a file from a site's container.\n\nMax file size: 512KB. Binary files are rejected \u2014 use the site's\nfile manager or SSH for binary files.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n path: Relative path to the file\n\nReturns:\n {\"path\": \"wp-config.php\", \"content\": \"<?php ...\",\n \"size\": 1234, \"encoding\": \"utf-8\"}\n\nErrors:\n NOT_FOUND: File doesn't exist\n VALIDATION_ERROR: File is binary or exceeds 512KB\n",
"inputSchema": {
"properties": {
"path": {
"title": "Path",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"path"
],
"title": "read_fileArguments",
"type": "object"
},
"name": "read_file"
},
{
"description": "Write or overwrite a text file in a site's container.\n\nCreates parent directories if they don't exist.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n path: Relative path to the file\n content: File content as a UTF-8 string\n\nReturns:\n {\"success\": true, \"path\": \"...\", \"size\": 1234}\n\nErrors:\n NOT_FOUND: Unknown slug\n FORBIDDEN: Protected system path\n",
"inputSchema": {
"properties": {
"content": {
"title": "Content",
"type": "string"
},
"path": {
"title": "Path",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"path",
"content"
],
"title": "write_fileArguments",
"type": "object"
},
"name": "write_file"
},
{
"description": "Upload a base64-encoded file to a site's container.\n\nUse this for binary files (images, archives, fonts, etc.).\nFor text files, prefer write_file().\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n path: Relative path including filename (e.g. \"images/logo.png\")\n content_b64: Base64-encoded file content\n\nReturns:\n {\"success\": true, \"path\": \"images/logo.png\", \"size\": 45678}\n\nErrors:\n VALIDATION_ERROR: Invalid base64 encoding\n FORBIDDEN: Protected system path\n",
"inputSchema": {
"properties": {
"content_b64": {
"title": "Content B64",
"type": "string"
},
"path": {
"title": "Path",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"path",
"content_b64"
],
"title": "upload_fileArguments",
"type": "object"
},
"name": "upload_file"
},
{
"description": "Delete a file or directory from a site's container.\n\nDirectories are deleted recursively. Protected system paths\n(e.g. /etc, /usr) cannot be deleted.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n path: Relative path to delete\n\nReturns:\n {\"success\": true, \"path\": \"...\", \"message\": \"Deleted\"}\n\nErrors:\n NOT_FOUND: Path doesn't exist\n FORBIDDEN: Protected system path\n",
"inputSchema": {
"properties": {
"path": {
"title": "Path",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"path"
],
"title": "delete_fileArguments",
"type": "object"
},
"name": "delete_file"
},
{
"description": "Create a directory in a site's container.\n\nCreates parent directories if they don't exist.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n path: Relative path of the directory to create\n\nReturns:\n {\"success\": true, \"path\": \"uploads/2024\", \"message\": \"Directory created\"}\n\nErrors:\n NOT_FOUND: Unknown slug\n FORBIDDEN: Protected system path\n",
"inputSchema": {
"properties": {
"path": {
"title": "Path",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"path"
],
"title": "create_directoryArguments",
"type": "object"
},
"name": "create_directory"
},
{
"description": "List installed WordPress plugins with status.\n\nRequires: API key with read scope. WordPress sites only.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"plugins\": [{\"name\": \"akismet\", \"status\": \"active\", \"version\": \"5.3\",\n \"update_available\": false}, ...]}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "list_pluginsArguments",
"type": "object"
},
"name": "list_plugins"
},
{
"description": "List installed WordPress themes with status.\n\nRequires: API key with read scope. WordPress sites only.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"themes\": [{\"name\": \"twentytwentyfour\", \"status\": \"active\",\n \"version\": \"1.0\", \"update_available\": false}, ...]}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "list_themesArguments",
"type": "object"
},
"name": "list_themes"
},
{
"description": "Install, activate, deactivate, or delete a WordPress plugin.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n action: \"install\", \"activate\", \"deactivate\", or \"delete\"\n plugin: Plugin slug (e.g. \"akismet\", \"jetpack\", \"woocommerce\")\n\nReturns:\n {\"action\": \"install\", \"plugin\": \"jetpack\", \"result\": {...}}\n",
"inputSchema": {
"properties": {
"action": {
"title": "Action",
"type": "string"
},
"plugin": {
"title": "Plugin",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"action",
"plugin"
],
"title": "manage_pluginArguments",
"type": "object"
},
"name": "manage_plugin"
},
{
"description": "Install, activate, or delete a WordPress theme.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n action: \"install\", \"activate\", or \"delete\"\n theme: Theme slug (e.g. \"twentytwentyfour\", \"astra\")\n\nReturns:\n {\"action\": \"install\", \"theme\": \"astra\", \"result\": {...}}\n",
"inputSchema": {
"properties": {
"action": {
"title": "Action",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
},
"theme": {
"title": "Theme",
"type": "string"
}
},
"required": [
"slug",
"action",
"theme"
],
"title": "manage_themeArguments",
"type": "object"
},
"name": "manage_theme"
},
{
"description": "Check for available WordPress core, plugin, and theme updates.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"core\": {\"current\": \"6.5\", \"update\": \"6.6\"},\n \"plugins\": [{\"name\": \"...\", \"current\": \"1.0\", \"new\": \"1.1\"}],\n \"themes\": [...]}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "wp_check_updatesArguments",
"type": "object"
},
"name": "wp_check_updates"
},
{
"description": "Update WordPress core, all plugins, and all themes.\n\nRuns all updates in sequence. May take up to 2 minutes.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"core\": {...}, \"plugins\": [...], \"themes\": [...]}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "wp_update_allArguments",
"type": "object"
},
"name": "wp_update_all"
},
{
"description": "List cron jobs on a site.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"jobs\": [{\"line\": 1, \"schedule\": \"*/5 * * * *\",\n \"command\": \"/usr/bin/php /var/www/html/wp-cron.php\"}, ...]}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "list_cronArguments",
"type": "object"
},
"name": "list_cron"
},
{
"description": "Add a cron job to a site.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n schedule: Cron schedule (e.g. \"*/5 * * * *\", \"0 2 * * *\")\n command: Command to execute\n\nReturns:\n {\"added\": true, \"result\": {...}}\n",
"inputSchema": {
"properties": {
"command": {
"title": "Command",
"type": "string"
},
"schedule": {
"title": "Schedule",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"schedule",
"command"
],
"title": "add_cronArguments",
"type": "object"
},
"name": "add_cron"
},
{
"description": "Delete a cron job by line number.\n\nGet line numbers from list_cron().\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n line_number: Line number of the cron entry to delete\n\nReturns:\n {\"deleted\": true}\n",
"inputSchema": {
"properties": {
"line_number": {
"title": "Line Number",
"type": "integer"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"line_number"
],
"title": "delete_cronArguments",
"type": "object"
},
"name": "delete_cron"
},
{
"description": "Get SSL certificate information for a site.\n\nReturns certificate details, expiry date, and issuer.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"issuer\": \"Let's Encrypt\", \"domain\": \"example.com\",\n \"expires_at\": \"iso8601\", \"days_remaining\": 60,\n \"force_https\": true}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "ssl_infoArguments",
"type": "object"
},
"name": "ssl_info"
},
{
"description": "Force SSL certificate renewal via certbot.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"renewed\": true, \"expires_at\": \"iso8601\"}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "ssl_renewArguments",
"type": "object"
},
"name": "ssl_renew"
},
{
"description": "List available PHP versions and the currently active one.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"versions\": [{\"version\": \"8.1\", \"active\": false},\n {\"version\": \"8.2\", \"active\": false},\n {\"version\": \"8.3\", \"active\": true}]}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "list_php_versionsArguments",
"type": "object"
},
"name": "list_php_versions"
},
{
"description": "Switch the active PHP version for a site.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n version: Target PHP version (e.g. \"8.3\", \"8.2\", \"8.1\")\n\nReturns:\n {\"version\": \"8.3\", \"result\": {...}}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
},
"version": {
"title": "Version",
"type": "string"
}
},
"required": [
"slug",
"version"
],
"title": "switch_phpArguments",
"type": "object"
},
"name": "switch_php"
},
{
"description": "Get cache status (Redis, WP object cache, hit rates).\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"redis_running\": true, \"object_cache_enabled\": true,\n \"hit_rate\": 0.95, \"memory_used_mb\": 12}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "cache_statusArguments",
"type": "object"
},
"name": "cache_status"
},
{
"description": "Flush all caches (Redis + WP object cache).\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"flushed\": true}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "cache_flushArguments",
"type": "object"
},
"name": "cache_flush"
},
{
"description": "Enable or disable the WordPress object cache.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n enable: true to enable, false to disable\n\nReturns:\n {\"enabled\": true}\n",
"inputSchema": {
"properties": {
"enable": {
"title": "Enable",
"type": "boolean"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"enable"
],
"title": "cache_toggleArguments",
"type": "object"
},
"name": "cache_toggle"
},
{
"description": "Get WordPress database information (size, tables, row counts).\n\nRequires: API key with read scope. WordPress sites only.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"database\": \"wp_mysite\", \"size_mb\": 45.2,\n \"tables\": 12, \"total_rows\": 15432}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "get_database_infoArguments",
"type": "object"
},
"name": "get_database_info"
},
{
"description": "Optimize WordPress database tables (reduces bloat).\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"optimized\": true, \"tables_optimized\": 12}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "optimize_databaseArguments",
"type": "object"
},
"name": "optimize_database"
},
{
"description": "Search and replace in WordPress database (e.g. URL migration).\n\nHandles serialized data safely. Use dry_run=true first to preview changes.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n old: String to search for (e.g. \"http://old-domain.com\")\n new: Replacement string (e.g. \"https://new-domain.com\")\n dry_run: Preview only without making changes (default: true)\n\nReturns:\n {\"replacements\": 42, \"tables_affected\": 5, \"dry_run\": true}\n",
"inputSchema": {
"properties": {
"dry_run": {
"default": true,
"title": "Dry Run",
"type": "boolean"
},
"new": {
"title": "New",
"type": "string"
},
"old": {
"title": "Old",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"old",
"new"
],
"title": "database_search_replaceArguments",
"type": "object"
},
"name": "database_search_replace"
},
{
"description": "List all databases on a site's container.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"databases\": [\"wordpress\", \"app_db\", ...]}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "list_databasesArguments",
"type": "object"
},
"name": "list_databases"
},
{
"description": "List tables in a database.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n database: Database name\n\nReturns:\n {\"tables\": [{\"name\": \"wp_posts\", \"rows\": 1234, \"size_mb\": 5.2}, ...]}\n",
"inputSchema": {
"properties": {
"database": {
"title": "Database",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"database"
],
"title": "list_tablesArguments",
"type": "object"
},
"name": "list_tables"
},
{
"description": "Execute a SQL query on a site's database.\n\nSupports SELECT, INSERT, UPDATE, DELETE, and DDL statements.\nResults are limited to 1000 rows for SELECT queries.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n database: Database name\n query: SQL query string\n\nReturns:\n {\"columns\": [\"id\", \"title\"], \"rows\": [[1, \"Hello\"], ...],\n \"affected_rows\": 0, \"query_time_ms\": 12}\n",
"inputSchema": {
"properties": {
"database": {
"title": "Database",
"type": "string"
},
"query": {
"title": "Query",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"database",
"query"
],
"title": "execute_queryArguments",
"type": "object"
},
"name": "execute_query"
},
{
"description": "Get detailed system stack information (OS, PHP, DB, web server versions).\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"os\": \"Debian 12\", \"kernel\": \"6.1.0\",\n \"php\": \"8.3.4\", \"mysql\": \"10.11.6-MariaDB\",\n \"nginx\": \"1.24.0\", \"wordpress\": \"6.5\"}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "get_stack_infoArguments",
"type": "object"
},
"name": "get_stack_info"
},
{
"description": "Get current resource usage (CPU, memory, disk, load average).\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"cpu_percent\": 12.5, \"memory_mb\": 384, \"memory_total_mb\": 512,\n \"disk_used_gb\": 3.2, \"disk_total_gb\": 10,\n \"load_1m\": 0.5, \"load_5m\": 0.3, \"load_15m\": 0.2}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "get_resource_snapshotArguments",
"type": "object"
},
"name": "get_resource_snapshot"
},
{
"description": "Get Cloudflare proxy (CDN) status for a site.\n\nShows whether traffic is routed through Cloudflare's CDN (orange cloud)\nor goes direct to origin (grey cloud / DNS-only).\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"domain\": \"my-site.borealhost.ai\", \"has_record\": true,\n \"proxied\": true, \"ip\": \"1.2.3.4\"}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "cloudflare_proxy_statusArguments",
"type": "object"
},
"name": "cloudflare_proxy_status"
},
{
"description": "Enable or disable Cloudflare CDN proxy for a site.\n\nWhen enabled (orange cloud): traffic goes through Cloudflare's CDN,\ngets caching, DDoS protection, and SSL termination at the edge.\nWhen disabled (grey cloud): traffic goes directly to origin server.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n proxied: true to enable CDN proxy, false to disable\n\nReturns:\n {\"domain\": \"my-site.borealhost.ai\", \"proxied\": true, \"ip\": \"1.2.3.4\"}\n",
"inputSchema": {
"properties": {
"proxied": {
"title": "Proxied",
"type": "boolean"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"proxied"
],
"title": "cloudflare_set_proxyArguments",
"type": "object"
},
"name": "cloudflare_set_proxy"
},
{
"description": "Purge Cloudflare CDN cache for a site.\n\nWithout urls: purges all cached content for the site's subdomain.\nWith urls: purges only the specified URLs (max 30 per call).\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n urls: Optional list of specific URLs to purge\n (e.g. [\"https://my-site.borealhost.ai/style.css\"])\n\nReturns:\n {\"purged\": true, \"scope\": \"host\", \"domain\": \"my-site.borealhost.ai\"}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
},
"urls": {
"default": null,
"items": {},
"title": "Urls",
"type": "array"
}
},
"required": [
"slug"
],
"title": "cloudflare_purge_cacheArguments",
"type": "object"
},
"name": "cloudflare_purge_cache"
},
{
"description": "List FTP accounts on a site.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"accounts\": [{\"username\": \"ftpuser\", \"home\": \"/var/www/html\", \"uid\": 1001}]}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "list_ftp_accountsArguments",
"type": "object"
},
"name": "list_ftp_accounts"
},
{
"description": "Create an FTP account on a site.\n\nThe user is chrooted to the specified directory. Password must be\nat least 8 characters. Username must be lowercase alphanumeric.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n username: FTP username (lowercase, max 32 chars)\n password: Password (min 8 chars)\n home_dir: Chroot directory (default: /var/www/html)\n\nReturns:\n {\"success\": true, \"username\": \"ftpuser\", \"home_dir\": \"/var/www/html\"}\n",
"inputSchema": {
"properties": {
"home_dir": {
"default": "/var/www/html",
"title": "Home Dir",
"type": "string"
},
"password": {
"title": "Password",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
},
"username": {
"title": "Username",
"type": "string"
}
},
"required": [
"slug",
"username",
"password"
],
"title": "create_ftp_accountArguments",
"type": "object"
},
"name": "create_ftp_account"
},
{
"description": "Remove an FTP account from a site.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n username: FTP username to remove\n\nReturns:\n {\"removed\": true, \"username\": \"ftpuser\"}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
},
"username": {
"title": "Username",
"type": "string"
}
},
"required": [
"slug",
"username"
],
"title": "remove_ftp_accountArguments",
"type": "object"
},
"name": "remove_ftp_account"
},
{
"description": "List user-configurable alert rules for a site.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n [{\"id\": \"uuid\", \"metric\": \"disk\", \"operator\": \"gt\",\n \"threshold\": 90, \"severity\": \"warning\", \"enabled\": true,\n \"cooldown_minutes\": 30, \"notify_email\": true}]\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "list_alert_rulesArguments",
"type": "object"
},
"name": "list_alert_rules"
},
{
"description": "Create an alert rule to monitor CPU, memory, or disk usage.\n\nWhen the metric crosses the threshold, a notification is sent via\nemail and/or webhook. Max 10 rules per site.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n metric: \"cpu\", \"memory\", or \"disk\" (percentage-based)\n threshold: Threshold value 0-100 (e.g. 90 for 90%)\n operator: \"gt\" (greater than) or \"lt\" (less than). Default: \"gt\"\n severity: \"warning\" or \"critical\". Default: \"warning\"\n cooldown_minutes: Min minutes between repeated alerts. Default: 30\n notify_email: Send email notification. Default: true\n notify_webhook: Optional webhook URL for POST notifications\n\nReturns:\n {\"id\": \"uuid\", \"metric\": \"disk\", \"threshold\": 90, ...}\n",
"inputSchema": {
"properties": {
"cooldown_minutes": {
"default": 30,
"title": "Cooldown Minutes",
"type": "integer"
},
"metric": {
"title": "Metric",
"type": "string"
},
"notify_email": {
"default": true,
"title": "Notify Email",
"type": "boolean"
},
"notify_webhook": {
"default": "",
"title": "Notify Webhook",
"type": "string"
},
"operator": {
"default": "gt",
"title": "Operator",
"type": "string"
},
"severity": {
"default": "warning",
"title": "Severity",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
},
"threshold": {
"title": "Threshold",
"type": "number"
}
},
"required": [
"slug",
"metric",
"threshold"
],
"title": "create_alert_ruleArguments",
"type": "object"
},
"name": "create_alert_rule"
},
{
"description": "Delete an alert rule.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n rule_id: UUID of the alert rule to delete\n\nReturns:\n {\"deleted\": true, \"id\": \"uuid\"}\n",
"inputSchema": {
"properties": {
"rule_id": {
"title": "Rule Id",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"rule_id"
],
"title": "delete_alert_ruleArguments",
"type": "object"
},
"name": "delete_alert_rule"
},
{
"description": "Run a ClamAV malware scan on a site's container.\n\nScans the web root (or specified path) for malware, viruses, and trojans.\nClamAV is installed automatically if not present. Excludes node_modules,\nvendor, .git, and cache directories.\n\nMay take up to 5 minutes for large sites.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n path: Directory to scan (default: /var/www/html)\n\nReturns:\n {\"infected_files\": [{\"path\": \"/var/www/html/shell.php\", \"threat\": \"Php.Malware.Agent\"}],\n \"scanned_count\": 1234, \"infected_count\": 1, \"scan_time_s\": 45.2}\n",
"inputSchema": {
"properties": {
"path": {
"default": "",
"title": "Path",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "run_malware_scanArguments",
"type": "object"
},
"name": "run_malware_scan"
},
{
"description": "List IP allow/deny firewall rules for a site.\n\nRules are implemented as Nginx allow/deny directives per container.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"rules\": [{\"ip\": \"1.2.3.4\", \"action\": \"deny\"},\n {\"ip\": \"10.0.0.0/8\", \"action\": \"allow\"}]}\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "list_firewall_rulesArguments",
"type": "object"
},
"name": "list_firewall_rules"
},
{
"description": "Add an IP firewall rule (allow or deny) and reload Nginx.\n\nSupports IPv4, IPv6, and CIDR notation. Max 100 rules per site.\nIf a rule already exists for the IP, the action is updated.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n ip: IP address or CIDR (e.g. \"1.2.3.4\", \"10.0.0.0/8\", \"2001:db8::/32\")\n action: \"deny\" (block) or \"allow\" (whitelist). Default: \"deny\"\n\nReturns:\n {\"added\": true, \"ip\": \"1.2.3.4\", \"action\": \"deny\"}\n",
"inputSchema": {
"properties": {
"action": {
"default": "deny",
"title": "Action",
"type": "string"
},
"ip": {
"title": "Ip",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"ip"
],
"title": "add_firewall_ruleArguments",
"type": "object"
},
"name": "add_firewall_rule"
},
{
"description": "Remove an IP firewall rule and reload Nginx.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n ip: IP address or CIDR to remove (must match exactly)\n\nReturns:\n {\"removed\": true, \"ip\": \"1.2.3.4\"}\n",
"inputSchema": {
"properties": {
"ip": {
"title": "Ip",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"ip"
],
"title": "remove_firewall_ruleArguments",
"type": "object"
},
"name": "remove_firewall_rule"
},
{
"description": "Retrieve container logs (error, access, or PHP).\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n log_type: \"error\" (Nginx/Apache errors), \"access\" (HTTP request log),\n or \"php\" (PHP-FPM errors, WordPress sites only)\n lines: Number of lines to retrieve (1\u2013500, default: 100)\n search: Optional keyword filter \u2014 only lines containing this string\n\nReturns:\n {\"log_type\": \"error\", \"lines\": [\"2024-01-15 ... error ...\", ...],\n \"count\": 42, \"truncated\": false}\n\nErrors:\n NOT_FOUND: Unknown slug\n VALIDATION_ERROR: Invalid log_type or lines out of range\n",
"inputSchema": {
"properties": {
"lines": {
"default": 100,
"title": "Lines",
"type": "integer"
},
"log_type": {
"default": "error",
"title": "Log Type",
"type": "string"
},
"search": {
"default": "",
"title": "Search",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "get_logsArguments",
"type": "object"
},
"name": "get_logs"
},
{
"description": "List all domains owned by the authenticated user.\n\nRequires: API key with read scope.\n\nReturns:\n [{\"domain\": \"example.com\", \"status\": \"active\",\n \"expires_at\": \"iso8601\", \"auto_renew\": true,\n \"linked_site\": \"my-site\"}]\n",
"inputSchema": {
"properties": {},
"title": "list_domainsArguments",
"type": "object"
},
"name": "list_domains"
},
{
"description": "Check domain availability and get pricing.\n\nRequires: API key with read scope.\n\nArgs:\n domain: Full domain name (e.g. \"example.com\", \"mybiz.ca\")\n\nReturns:\n {\"domain\": \"example.com\", \"available\": true,\n \"price\": {\"amount\": 15.99, \"currency\": \"CAD\", \"period\": \"1 year\"},\n \"premium\": false}\n\nNote: .ca domains require ca_legal_type when registering.\n",
"inputSchema": {
"properties": {
"domain": {
"title": "Domain",
"type": "string"
}
},
"required": [
"domain"
],
"title": "search_domainArguments",
"type": "object"
},
"name": "search_domain"
},
{
"description": "Register a new domain with WHOIS contact info and Stripe billing.\n\nThe domain cost is charged to the user's active subscription.\nFree domain if plan includes free_domain_annual + annual billing + first domain.\n\nRequires: API key with write scope.\n\nArgs:\n domain: Full domain name (e.g. \"example.ca\", \"mybusiness.com\")\n first_name: Registrant first name\n last_name: Registrant last name\n email: Registrant email address\n phone: Phone number in E.164 format: \"+1.5145551234\"\n address1: Street address (e.g. \"123 Rue Principale\")\n city: City (e.g. \"Montreal\")\n state: Province/state code (e.g. \"QC\", \"ON\", \"BC\")\n postal_code: Postal/ZIP code (e.g. \"H2X 1Y4\")\n country: ISO 3166-1 alpha-2 country code (default: \"CA\")\n period: Registration period in years (1\u201310, default: 1)\n ca_legal_type: Required for .ca domains. CIRA legal types:\n \"CCO\" (Canadian citizen), \"RES\" (permanent resident),\n \"CCT\" (corporation), \"GOV\" (government), \"EDU\" (education),\n \"ASS\" (association), \"HOP\" (hospital), \"PRT\" (partnership),\n \"TDM\" (trademark), \"TRD\" (trade union), \"PLT\" (political party),\n \"LAM\" (library/archive/museum), \"MAJ\" (Her Majesty),\n \"INB\" (Indian band), \"ABO\" (Aboriginal peoples),\n \"LGR\" (legal representative)\n\nReturns:\n {\"domain\": \"example.ca\", \"status\": \"registered\",\n \"expires_at\": \"iso8601\", \"message\": \"Domain registered successfully\"}\n\nErrors:\n VALIDATION_ERROR: Missing required fields, invalid phone format,\n missing ca_legal_type for .ca domains\n NOT_FOUND: Domain not available (already registered by someone else)\n",
"inputSchema": {
"properties": {
"address1": {
"title": "Address1",
"type": "string"
},
"ca_legal_type": {
"default": "",
"title": "Ca Legal Type",
"type": "string"
},
"city": {
"title": "City",
"type": "string"
},
"country": {
"default": "CA",
"title": "Country",
"type": "string"
},
"domain": {
"title": "Domain",
"type": "string"
},
"email": {
"title": "Email",
"type": "string"
},
"first_name": {
"title": "First Name",
"type": "string"
},
"last_name": {
"title": "Last Name",
"type": "string"
},
"period": {
"default": 1,
"title": "Period",
"type": "integer"
},
"phone": {
"title": "Phone",
"type": "string"
},
"postal_code": {
"title": "Postal Code",
"type": "string"
},
"state": {
"title": "State",
"type": "string"
}
},
"required": [
"domain",
"first_name",
"last_name",
"email",
"phone",
"address1",
"city",
"state",
"postal_code"
],
"title": "register_domainArguments",
"type": "object"
},
"name": "register_domain"
},
{
"description": "Get full domain details including DNS and infrastructure status.\n\nRequires: API key with read scope.\n\nArgs:\n domain_name: Full domain name (e.g. \"example.com\")\n\nReturns:\n {\"domain\": \"example.com\", \"status\": \"active\",\n \"expires_at\": \"iso8601\", \"auto_renew\": true,\n \"nameservers\": [\"ns1.borealhost.ai\", \"ns2.borealhost.ai\"],\n \"dns_records\": [...], \"linked_site\": \"my-site\"}\n\nErrors:\n NOT_FOUND: Domain not owned by this account\n",
"inputSchema": {
"properties": {
"domain_name": {
"title": "Domain Name",
"type": "string"
}
},
"required": [
"domain_name"
],
"title": "domain_detailArguments",
"type": "object"
},
"name": "domain_detail"
},
{
"description": "Link a domain to a hosted site.\n\nAttaches the domain to the specified site and triggers automatic\nDNS configuration and SSL provisioning.\n\nRequires: API key with write scope.\n\nArgs:\n domain_name: Full domain name (e.g. \"example.com\")\n site_slug: Site identifier to link the domain to\n\nReturns:\n {\"success\": true, \"domain\": \"example.com\",\n \"linked_site\": \"my-site\", \"message\": \"Domain linked\"}\n\nErrors:\n NOT_FOUND: Domain or site not found\n VALIDATION_ERROR: Domain already linked to another site\n",
"inputSchema": {
"properties": {
"domain_name": {
"title": "Domain Name",
"type": "string"
},
"site_slug": {
"title": "Site Slug",
"type": "string"
}
},
"required": [
"domain_name",
"site_slug"
],
"title": "link_domainArguments",
"type": "object"
},
"name": "link_domain"
},
{
"description": "Update domain settings (auto-renew, WHOIS privacy, registrar lock).\n\nOnly provided (non-None) fields are updated.\n\nRequires: API key with write scope.\n\nArgs:\n domain_name: Full domain name (e.g. \"example.com\")\n auto_renew: Enable/disable automatic renewal\n whois_privacy: Enable/disable WHOIS privacy protection\n locked: Enable/disable registrar lock (prevents unauthorized transfers)\n\nReturns:\n {\"success\": true, \"domain\": \"example.com\",\n \"auto_renew\": true, \"whois_privacy\": true, \"locked\": true}\n\nErrors:\n NOT_FOUND: Domain not found or not owned by account\n",
"inputSchema": {
"properties": {
"auto_renew": {
"default": null,
"title": "Auto Renew",
"type": "boolean"
},
"domain_name": {
"title": "Domain Name",
"type": "string"
},
"locked": {
"default": null,
"title": "Locked",
"type": "boolean"
},
"whois_privacy": {
"default": null,
"title": "Whois Privacy",
"type": "boolean"
}
},
"required": [
"domain_name"
],
"title": "domain_settingsArguments",
"type": "object"
},
"name": "domain_settings"
},
{
"description": "List all DNS records for a domain.\n\nReturns DNS records at the domain level (independent of site-level\nmanage_dns). Use this for domains that may not be linked to a site.\n\nRequires: API key with read scope.\n\nArgs:\n domain_name: Full domain name (e.g. \"example.com\")\n\nReturns:\n [{\"id\": \"record-id\", \"type\": \"A\", \"subdomain\": \"www\",\n \"value\": \"1.2.3.4\", \"ttl\": 3600}]\n\nErrors:\n NOT_FOUND: Domain not found or not owned by account\n",
"inputSchema": {
"properties": {
"domain_name": {
"title": "Domain Name",
"type": "string"
}
},
"required": [
"domain_name"
],
"title": "list_domain_dnsArguments",
"type": "object"
},
"name": "list_domain_dns"
},
{
"description": "Add a DNS record to a domain.\n\nRequires: API key with write scope.\n\nArgs:\n domain_name: Full domain name (e.g. \"example.com\")\n record_type: \"A\", \"AAAA\", \"CNAME\", \"MX\", \"TXT\", or \"SRV\"\n value: Record value (e.g. \"1.2.3.4\" for A, \"mail.example.com\" for MX)\n subdomain: Subdomain part (e.g. \"www\", \"mail\"). Empty for apex domain.\n ttl: Time to live in seconds (default: 3600)\n priority: MX priority (required for MX records)\n\nReturns:\n {\"success\": true, \"record\": {\"id\": \"...\", \"type\": \"A\",\n \"subdomain\": \"www\", \"value\": \"1.2.3.4\", \"ttl\": 3600}}\n\nErrors:\n VALIDATION_ERROR: Missing value, invalid record type\n NOT_FOUND: Domain not found\n",
"inputSchema": {
"properties": {
"domain_name": {
"title": "Domain Name",
"type": "string"
},
"priority": {
"default": null,
"title": "Priority",
"type": "integer"
},
"record_type": {
"title": "Record Type",
"type": "string"
},
"subdomain": {
"default": "",
"title": "Subdomain",
"type": "string"
},
"ttl": {
"default": 3600,
"title": "Ttl",
"type": "integer"
},
"value": {
"title": "Value",
"type": "string"
}
},
"required": [
"domain_name",
"record_type",
"value"
],
"title": "add_domain_dnsArguments",
"type": "object"
},
"name": "add_domain_dns"
},
{
"description": "Delete a DNS record from a domain.\n\nRequires: API key with write scope.\n\nArgs:\n domain_name: Full domain name (e.g. \"example.com\")\n record_id: ID of the DNS record to delete (from list_domain_dns)\n\nReturns:\n {\"success\": true, \"message\": \"DNS record deleted\"}\n\nErrors:\n NOT_FOUND: Domain or record not found\n",
"inputSchema": {
"properties": {
"domain_name": {
"title": "Domain Name",
"type": "string"
},
"record_id": {
"title": "Record Id",
"type": "string"
}
},
"required": [
"domain_name",
"record_id"
],
"title": "delete_domain_dnsArguments",
"type": "object"
},
"name": "delete_domain_dns"
},
{
"description": "List AI modules and their enabled/disabled state for a site.\n\nAlso returns the list of modules available for the site's plan.\n\nRequires: API key with read scope.\n\nArgs:\n slug: Site identifier\n\nReturns:\n {\"modules\": {\"chatbot\": true, \"seo\": false, \"translation\": false,\n \"content\": false}, \"available\": [\"chatbot\", \"seo\", \"translation\", \"content\"]}\n\nErrors:\n NOT_FOUND: Unknown slug\n",
"inputSchema": {
"properties": {
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug"
],
"title": "list_modulesArguments",
"type": "object"
},
"name": "list_modules"
},
{
"description": "Enable or disable an AI module on a site.\n\nThe module must be in the plan's available module list.\n\nRequires: API key with write scope.\n\nArgs:\n slug: Site identifier\n module_name: Module to toggle. Available modules:\n \"chatbot\" (AI chat widget), \"seo\" (SEO optimization),\n \"translation\" (content translation), \"content\" (AI content generation)\n\nReturns:\n {\"module\": \"chatbot\", \"enabled\": true, \"message\": \"Module enabled\"}\n\nErrors:\n NOT_FOUND: Unknown slug or module not in plan\n VALIDATION_ERROR: Invalid module name\n",
"inputSchema": {
"properties": {
"module_name": {
"title": "Module Name",
"type": "string"
},
"slug": {
"title": "Slug",
"type": "string"
}
},
"required": [
"slug",
"module_name"
],
"title": "toggle_moduleArguments",
"type": "object"
},
"name": "toggle_module"
}
]
}
},
"requested_protocol_version": "2025-03-26",
"resumed": true,
"session_id_present": true,
"transport": "streamable-http",
"url": "https://borealhost.ai/mcp/"
},
"latency_ms": 126.7,
"status": "ok"
},
"step_up_auth_probe": {
"details": {
"auth_required_checks": [],
"broad_scopes": [],
"challenge_headers": [],
"minimal_scope_documented": false,
"oauth_present": false,
"scope_specificity_ratio": 0.0,
"step_up_signals": [],
"supported_scopes": []
},
"latency_ms": null,
"status": "missing"
},
"tool_snapshot_probe": {
"details": {
"reason": "no_tools"
},
"latency_ms": null,
"status": "missing"
},
"tools_list": {
"details": {
"error": "Client error '400 Bad Request' for url 'https://borealhost.ai/mcp/'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400",
"headers": {
"content-type": "application/json",
"mcp-session-id": "0095445f189d46bd8786f4d2618af880"
},
"http_status": 400,
"payload": {},
"url": "https://borealhost.ai/mcp/"
},
"latency_ms": 40.29,
"status": "error"
},
"transport_compliance_probe": {
"details": {
"bad_protocol_error": null,
"bad_protocol_headers": {
"content-type": "application/json",
"mcp-session-id": "9e47197d0e10454f903bfdd449777631"
},
"bad_protocol_payload": {
"error": {
"code": -32600,
"message": "Bad Request: Unsupported protocol version: 1999-99-99. Supported versions: 2024-11-05, 2025-03-26, 2025-06-18, 2025-11-25"
},
"id": "server-error",
"jsonrpc": "2.0"
},
"bad_protocol_status_code": 400,
"delete_error": null,
"delete_status_code": 200,
"expired_session_error": null,
"expired_session_status_code": 404,
"issues": [
"missing_protocol_header"
],
"last_event_id_visible": false,
"protocol_header_present": false,
"requested_protocol_version": "2025-03-26",
"session_id_present": true,
"transport": "streamable-http"
},
"latency_ms": 56.47,
"status": "warning"
},
"utility_coverage_probe": {
"details": {
"completions": {
"advertised": false,
"live_probe": "not_executed",
"sample_target": null
},
"initialize_capability_keys": [
"experimental",
"prompts",
"resources",
"tools"
],
"pagination": {
"metadata_signal": false,
"next_cursor_methods": [],
"supported": false
},
"tasks": {
"advertised": false,
"http_status": 400,
"probe_status": "missing"
}
},
"latency_ms": 28.87,
"status": "missing"
}
},
"failures": {
"oauth_authorization_server": {
"reason": "no_authorization_server"
},
"oauth_protected_resource": {
"error": "Client error '404 Not Found' for url 'https://borealhost.ai/.well-known/oauth-protected-resource'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://borealhost.ai/.well-known/oauth-protected-resource"
},
"openid_configuration": {
"reason": "no_authorization_server"
},
"server_card": {
"error": "Client error '404 Not Found' for url 'https://borealhost.ai/.well-known/mcp/server-card.json'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://borealhost.ai/.well-known/mcp/server-card.json"
},
"tools_list": {
"error": "Client error '400 Bad Request' for url 'https://borealhost.ai/mcp/'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400",
"headers": {
"content-type": "application/json",
"mcp-session-id": "0095445f189d46bd8786f4d2618af880"
},
"http_status": 400,
"payload": {},
"url": "https://borealhost.ai/mcp/"
}
},
"remote_url": "https://borealhost.ai/mcp/",
"server_card_payload": null,
"server_identifier": "ai.borealhost/mcp"
}
Known versions
0.1.4
Validation history
7 day score delta
n/a
30 day score delta
n/a
Recent healthy ratio
0%
Freshness
7.3h
| Timestamp | Status | Score | Latency | Tools |
|---|---|---|---|---|
| May 13, 2026 10:43:38 AM UTC | Failing | 56.0 | 895.3 ms | 0 |
| May 13, 2026 02:41:46 AM UTC | Failing | 55.7 | 1160.4 ms | 0 |
| May 12, 2026 06:40:29 PM UTC | Failing | 55.5 | 1119.9 ms | 0 |
| May 12, 2026 10:15:14 AM UTC | Failing | 55.4 | 934.4 ms | 0 |
| May 12, 2026 02:14:16 AM UTC | Failing | 53.2 | 1057.1 ms | 0 |
Validation timeline
| Validated | Summary | Score | Protocol | Auth mode | Tools | High-risk tools | Changes |
|---|---|---|---|---|---|---|---|
| May 13, 2026 10:43:38 AM UTC | Failing | 56.0 | 2025-03-26 | public | 0 | 0 | none |
| May 13, 2026 02:41:46 AM UTC | Failing | 55.7 | 2025-03-26 | public | 0 | 0 | none |
| May 12, 2026 06:40:29 PM UTC | Failing | 55.5 | 2025-03-26 | public | 0 | 0 | none |
| May 12, 2026 10:15:14 AM UTC | Failing | 55.4 | 2025-03-26 | public | 0 | 0 | none |
| May 12, 2026 02:14:16 AM UTC | Failing | 53.2 | 2025-03-26 | public | 0 | 0 | none |
Recent validation runs
| Started | Status | Summary | Latency | Checks |
|---|---|---|---|---|
| May 13, 2026 10:43:38 AM UTC | Completed | Failing | 895.3 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| May 13, 2026 02:41:45 AM UTC | Completed | Failing | 1160.4 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| May 12, 2026 06:40:28 PM UTC | Completed | Failing | 1119.9 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| May 12, 2026 10:15:13 AM UTC | Completed | Failing | 934.4 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| May 12, 2026 02:14:14 AM UTC | Completed | Failing | 1057.1 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |