Parent: #7672 (5.3 Application management)
Tool file: forge/ee/lib/mcp/tools/applications.js (extend)
Read tools that belong to the application resource. Filed in applications.js alongside the existing application tools, following the one-file-per-resource convention (a tool lives in the file for the noun it is about, regardless of the URL's first path segment).
| Tool |
Endpoint |
Scope |
Annotation |
platform_list_application_snapshots |
GET /applications/:applicationId/snapshots |
project:snapshot:list |
read |
platform_export_application_audit_log |
GET /applications/:applicationId/audit-log/export |
application:audit-log |
read |
platform_list_team_application_statuses |
GET /teams/:teamId/applications/status |
team:projects:list |
read |
Design notes:
- Application read reuses
project:* scopes, not application:*, so project:snapshot:list backs the snapshot list.
platform_export_application_audit_log is the CSV export counterpart of the already-shipped platform_get_application_audit_log; it reuses the same application:audit-log scope.
platform_list_team_application_statuses returns the applications in a team with the live status of their instances and devices. It hangs off a team URL but describes application state, so it is filed with the application tools.
Scopes to allow-list + access-tag (#7445):
project:snapshot:list (read). Already present from shipped tools: project:read, project:create, team:device:list, team:projects:list, application:audit-log. No new scope is required for the audit-log export or the application statuses list.
Tests:
- Snapshot list tool returns application snapshots; read-only PAT allowed.
- Audit-log export tool returns CSV; read-only PAT allowed.
- Application statuses tool returns per-application instance/device status.
Parent: #7672 (5.3 Application management)
Tool file:
forge/ee/lib/mcp/tools/applications.js(extend)Read tools that belong to the application resource. Filed in
applications.jsalongside the existing application tools, following the one-file-per-resource convention (a tool lives in the file for the noun it is about, regardless of the URL's first path segment).platform_list_application_snapshotsGET /applications/:applicationId/snapshotsproject:snapshot:listplatform_export_application_audit_logGET /applications/:applicationId/audit-log/exportapplication:audit-logplatform_list_team_application_statusesGET /teams/:teamId/applications/statusteam:projects:listDesign notes:
project:*scopes, notapplication:*, soproject:snapshot:listbacks the snapshot list.platform_export_application_audit_logis the CSV export counterpart of the already-shippedplatform_get_application_audit_log; it reuses the sameapplication:audit-logscope.platform_list_team_application_statusesreturns the applications in a team with the live status of their instances and devices. It hangs off a team URL but describes application state, so it is filed with the application tools.Scopes to allow-list + access-tag (#7445):
project:snapshot:list(read). Already present from shipped tools:project:read,project:create,team:device:list,team:projects:list,application:audit-log. No new scope is required for the audit-log export or the application statuses list.Tests: