What is live on Graunt today, and what is not

ACCESS_DECISION_SERVICE

Single primary access gate for entitled access.

RECEIPTS_AUDIT_GRADE

14-kind append-only audit-grade receipt chain.

DELIVERIES_FIRST_CLASS

First-class delivery artifact per entitled access event.

OUTPUT_RIGHTS_SNAPSHOT

Per-listing declarative output-rights with frozen-at-checkout snapshot.

PUBLICATION_TRUST_PIPELINE_V0 expected: P7-4.14

Deterministic publication trust pipeline routes submissions through structured gates and produces a public_status plus seller_next_action. AUTO_LISTABLE_WITH_GUARDRAILS recommends approval; admin still clicks APPROVE through the canonical publication gate.

QUERY_LICENSING_V0

Query Licensing v0 with STUB_VERIFIER and bounded answer hashing.

SPLICE_ROW

ROW_SPLICE — row-level rights-aware sub-product carve-out.

SPLICE_JURISDICTION

JURISDICTION_SPLICE — geo-scoped sub-product carve-out.

SPLICE_ANSWER_CONTEXT

ANSWER_CONTEXT_SPLICE — answer-context derived sub-product.

PROOF_HASH_ONLY

HASH_ONLY proof kind for receipts.

STARTER_SUPPLY_MARKETPLACE expected: P7-1

Starter AI/workflow packet categories, collection pages, Studio helper copy, and agent-readable listing filters are available for reviewed listings. Publication remains review-gated; empty collections may appear until supply is approved.

VERIFIED_PROVIDER_TIER expected: P7-2

Graunt-reviewed provider tiers, provider profiles, listing badges, and provider-term visibility are available for marketplace listings. Provider tiers reflect Graunt review state and do not imply external identity verification unless separately stated with evidence.

MARKETPLACE_DISCOVERY_CANONICAL expected: P7-3

Canonical marketplace routes (/explore, /sell, /api-agents, /trust), preserved compatibility 301 redirects from legacy routes (/catalog, /sellers, /agents, /trust-and-safety), aligned agent-readable discovery metadata (OpenAPI route examples + /llms.txt + JSON-LD canonical URL fields), and refreshed nav/footer canonical links. Older public URLs continue to resolve via tested compatibility redirects.

REFINERY_VALIDATOR_V0 expected: P7-4

Deterministic refinery packet validator v0 (P9-1) is callable at POST /v1/refinery/validate. Validates packet manifests against the universal-packet-contract §12 envelope (Presence + Validation + Coherence). No LLM, no external network. Status ∈ {DRAFT, PUBLISH_BLOCKED, PASSED_WITH_NOTES, PASSED} at v0 (STRUCTURAL_VALID + EVIDENCE_INCOMPLETE reserved for P9-7 with full file-tree input).

REFINERY_CANDIDATE_INTAKE expected: P7-4

Authenticated seller-or-both organizations can submit private refinery candidates via POST /v1/refinery/candidates and import validator-passing packets via POST /v1/refinery/import (bypassing the refinery-imposed price floor per D-198 via the typed refinery_imports record). Candidates are stored under a restricted S3 prefix (graunt-internal/refinery/) and NEVER appear in /v1/listings, search, /llms.txt, OpenAPI, or any agent surface. Cross-org GET returns 404 (D-191 §3.4 existence-leak guard). Listing creation via the assembler bridge remains a P9-7 follow-on.

REFINERY_COMPILER_FOUNDATION expected: P7-4

Sellers can register private source artifacts (POST /v1/refinery/artifacts), run private deterministic compiler jobs over them (POST /v1/refinery/jobs) with a recorded step trace, and read the public source-type support matrix (GET /v1/refinery/policies/public-support-matrix). Artifacts and jobs are organization-scoped and never appear in /v1/listings, search, /llms.txt, OpenAPI public discovery, or any agent surface; cross-org GET returns 404 (D-191 section 3.4 existence-leak guard). The job trace demonstrates a two-role pipeline (a maker step that generates and a checker step that reviews and corrects), and every provider step records which provider and model performed it for display. A provider matrix registers deterministic + fake providers ENABLED, with the external model providers (OpenAI, Anthropic, xAI) registered for the maker, checker, and listing-suggestion roles but CONFIGURED_NOT_ACTIVE: each carries only an SSM credential-store reference and no stored value, and an admin-editable per-provider prompt template (no value at v0). The compiler runs a deterministic path only at v0 - no external model is called by any code path until a separate activation gate. Real extraction, source-map gates, paid quotes, live provider/model selection, and the listing assembler bridge remain follow-on phases.

AGENT_META_REQUIREMENT_GROUPS expected: P7-4.7

Public read-only discovery of the composable packet requirement groups (SAFE-only projection) at GET /v1/meta/requirement-groups. Registry-derived; no DB; PROTECTED/internal requirement fields are never exposed.

AGENT_META_CONTENT_PROFILES expected: P7-4.7

Public read-only discovery of registered content profiles (the validator-passable packet kinds, families, and required requirement groups) at GET /v1/meta/content-profiles. Registry/canon-derived; no DB.

AGENT_META_CONSTITUTION expected: P7-4.7

Public read-only discovery of the ratified Packet Constitution version (constitution_version) at GET /v1/meta/constitution. Canon-derived; no DB.

AGENT_META_REFINERY_POLICY expected: P7-4.8

Public read-only disclosure of the Refinery access posture (launch free seed, micro-free threshold, content-integrity profiles, model-assist posture, and the reserved/not-active charging state) at GET /v1/meta/refinery-policy. Config-driven (single active policy row); SAFE projection only — no abuse thresholds, provider internals, or per-account usage. Live paid Refinery processing is not active.

REFINERY_BUDGET_REFUNDS_V0 expected: P7-4.12

Refinery Budget refund / dispute automation v0. The metadata.charge_kind="refinery_budget" branch of the existing refund.* + charge.dispute.* webhook handlers updates refinery_budget_charges only (HR-29 isolation invariant). Marketplace purchase rows, payout_splits, commercial_terms, transfer_data, and application_fee_amount are NEVER mutated by this path.

MULTI_PROVIDER_ACTIVATION_SUBSTRATE expected: P7-4.12

Multi-provider activation substrate is shipped. /v1/meta/refinery-policy reports per-provider activation status (CONFIGURED_NOT_ACTIVE / ENABLED) for anthropic, openai, xai. Per-provider LIVE flip (POST /v1/admin/refinery/providers/:id/enable) requires operator SSM credential population + ECS env flip — never performed by the build slice.

RECONCILE_AUTHORITY_PRODUCTION_GATE expected: P7-4.12

Production entitlement reconciliation authority gate. In NODE_ENV=production, POST /v1/admin/purchases/:id/reconcile-entitlement with dry_run=false REQUIRES X-Reconcile-Authority (HMAC-signed) header. Local HMAC issuer at scripts/operator/issue-reconcile-token.mjs; raw token is NEVER logged; SHA-256 token hash IS recorded in the audit payload.

STRIPE_RECONSTRUCTION_CANDIDATES_READ expected: P7-4.12

Admin read-only Stripe reconstruction-candidates discovery at GET /v1/admin/stripe/reconstruction-candidates. Surfaces Stripe objects (payment_intent / charge / refund / dispute) without a matching local row in purchases OR refinery_budget_charges. Read-only: NEVER calls completePurchase, NEVER mutates entitlements / receipts / payout_splits / accounting_events. Response carries only redacted Stripe id prefixes (pi_*** / ch_*** / re_*** / dp_***) + bounded presence booleans + closed-enum suggested_action.

CONTROLLED_SPLICE_BUNDLES_V0 expected: P7-4.13

Controlled splice bundles deliver only the source files required to support the selected result, plus the relevant markdown and JSON sidecars. Caller must hold an ACTIVE FULL entitlement bound to the listing's packet bundle revision. Preflight runs deterministically before the build is enqueued. Generated archives are TTL'd; manifest, sidecar manifest, and source originals remain canonical.

SUBSCRIPTION_WORKING_SETS_V0 expected: P7-4.13

Bounded subscription working sets (32 files / 256 MiB / 7-day default TTL) pinned to an active entitlement and optionally to an organization_subscription. Revocation of the bound subscription revokes the working set. Source originals are untouched; only the working-set row + generated archive are affected.

SOURCE_CONTEXT_RECEIPTS_V0 expected: P7-4.13

Source-context review and source-enrichment receipts are informational, append-only, and never a publish gate. Deterministic + Fake adapters only at v0; live LLM / web enrichment paths are gated by a separate decision and the refinery triple gate.

ENTERPRISE_ACCOUNTS expected: P6-ARCI-3

Enterprise umbrella accounts, workspaces, seats, and admins are PREVIEW. Operator-onboarded only.

PROVIDER_TERMS_REGISTRY expected: P6-ARCI-3

Operator-onboarded premium provider terms registry. No live transport at this slice.

PUBLICATION_LLM_TRIAGE_V0 flag: PUBLICATION_LLM_TRIAGE_ENABLED expected: P7-4.18

Bounded LLM-driven triage findings use a fake adapter in v0. Live providers are operator-gated and not active.

SELLER_ASSIST_JOBS_V0 flag: ASSIST_JOB_LIVE_CHARGE_ENABLED expected: P7-4.19

Seller-approved assist jobs can produce safe patches. Live billing is not active.

AGENT_PUBLICATION_READINESS_API_V0 expected: P7-4.14

Read-only agent endpoint for publication readiness. Agent-initiated mutation endpoints are PLANNED.

AGENT_PRINCIPAL_IDENTITY expected: P6-ARCI-3

Agent principal identity with credential vault. PREVIEW; no live MCP transport.

AGENT_ACCESS_MANIFEST expected: P6-ARCI-3

Per-agent access manifest substrate. PREVIEW; HUMAN_APPROVAL_REQUIRED default.

SOURCE_WEIGHTED_PAYOUTS_ACCRUED expected: P6-ARCI-3

Source-weighted payout accrual (SOURCE_AUTHOR / RECIPE_AUTHOR / PACKET_BUILDER role kinds) — ACCRUED only at this slice.

AGENT_BUY_API_V0 expected: P7-4.12

Agent BUY v0 REST substrate (POST /v1/agents/purchases/preflight, POST /v1/agents/purchases/execute). Scoped bearer token (grnt_agent_*) issued from /v1/agents/credentials. Reuses the canonical human purchase code path so financial math (gross = platform_fee + seller_net) is byte-equivalent. Autonomous verified-agent principal is RESERVED until P8. MCP transport is PLANNED for P7-8. Per-credential rate limit (30/min) + daily spend cap ($1000) + human-confirmation policy above the daily cap.

AGENT_SELL_API_V0 expected: P7-4.12

Agent SELL v0 REST substrate (POST /v1/agents/listings/preflight, POST /v1/agents/listings/submit). Reuses the canonical createListing flow; result enters the standard pending-review state and admin approval continues through the canonical marketplace publish gate (HR-28 preserved). Per-credential rate limit (10/min).

AGENT_PACKET_ASSEMBLY_V0 expected: P7-4.13

Agent packet-bundle assembly substrate (POST/GET/DELETE /v1/agents/packet-bundles/assembly-sessions[/...]). Requires the `bundle:assemble` agent scope. Reuses the canonical packet upload and finalize services; agent-assembled bundles are byte-equivalent (manifest_sha256 + sidecar_manifest_sha256) to human-assembled bundles. NEVER publishes a listing; subsequent listing creation goes through the canonical admin publication review.

EXTERNAL_SSO_LIVE expected: P7-2

External SSO transport (Okta / Azure AD / Google Workspace / generic OIDC) is PLANNED. No live integration today.

EXTERNAL_SCIM_LIVE expected: P7-2

External SCIM provisioning is PLANNED. No live integration today.

MCP_TRANSPORT_LIVE flag: FEATURE_P6_ARCI_MCP_LIVE expected: P6-ARCI-3

Live MCP server transport for agent integrations is PLANNED. Gated by FEATURE_P6_ARCI_MCP_LIVE (default OFF) AND manifest status=ACTIVE.

AUTONOMOUS_AGENT_CHECKOUT expected: P7-3

Autonomous agent checkout under delegated buyer-organization credentials is PLANNED. HUMAN_APPROVAL_REQUIRED today.

SOURCE_WEIGHTED_PAYOUTS_LIVE expected: P7-4

ACCRUED→PAID transition for source-weighted payouts is PLANNED. No money movement at this slice.

PROOF_HASH_TRACE expected: P6-ARCI-3

HASH_TRACE proof bundles. Reserved for the bounded-verifier slice.

PAY_PER_CRAWL

AI-crawler-priced access via Cloudflare Pay-Per-Crawl. PLANNED; activation lives in the Cloudflare dashboard, not in repo code.

ACCOUNTLESS_PAID_ACCESS

Listing-scoped paid access without a buyer-org account. PLANNED. Foundational doctrine: no unmanaged paid purchase.

VISUAL_EXTRACTION_TAFFY

Taffy visual extraction — PLANNED, not live.

REFINERY_AUTOMATED_V1

Automated refinery v1 — PLANNED per Phase P9 doctrine; not live.

LIVE_VERIFIER_LLM flag: FEATURE_LIVE_VERIFIER expected: P6-ARCI-3

Live LLM verifier is DISABLED by default. Operator-flippable via FEATURE_LIVE_VERIFIER (default OFF).

PUBLICATION_AUTO_APPROVE_LOW_RISK

Reserved capability. No code path consults this entry. Auto-approval of LOW-risk listings is not wired and never bypasses canonical admin review.

SPLICE_FIELD

FIELD_SPLICE — column-level carve-out. RESERVED for a future slice.

SPLICE_SECTION

SECTION_SPLICE — section-level carve-out. RESERVED.

SPLICE_VISUAL

VISUAL_SPLICE — visual / extracted-element carve-out. RESERVED.

SPLICE_PROVIDER_CURATED

PROVIDER_CURATED_SPLICE — provider-curated bundle. RESERVED.

SPLICE_CROSS_PACKET

CROSS_PACKET_SPLICE — multi-parent carve-out. RESERVED.

SPLICE_TIME_WINDOW

TIME_WINDOW_SPLICE — time-window scoped carve-out. RESERVED.

SPLICE_WORKFLOW

WORKFLOW_SPLICE — workflow-scoped carve-out. RESERVED.

SPLICE_EPHEMERAL_AGENT

EPHEMERAL_AGENT_SPLICE — single-agent ephemeral carve-out. RESERVED.

PROOF_TRACEABLE_TRANSCRIPT

TRACEABLE_TRANSCRIPT proof bundles. RESERVED; depends on signed-transcript substrate.

ZK_PROOF_CLAIMS

Zero-knowledge proof claims — RESERVED; no implementation.

REFINERY_LIVE_MODEL_CALLS flag: REFINERY_LIVE_MODEL_CALLS_ENABLED expected: P7-4.11

Triple-gated runner for live LLM provider calls (env REFINERY_LIVE_MODEL_CALLS_ENABLED + DB provider status ENABLED + resolvable credential + cost cap + kill switch). Code path is shipped and tested at P7-4.11; operational LIVE flip is an operator runbook step that is not performed by this slice.

REFINERY_BUDGET_POST_PAID expected: P7-4.11

Per-org Refinery Budget with per-job + per-period cents caps and a Stripe-saved payment method (SetupIntent flow). Post-paid PaymentIntent OFF_SESSION on Graunt's own Stripe account (NEVER through Stripe Connect, NEVER through payout_splits, NEVER mutating purchases.commercial_terms; HR-29). Idempotent on (budget_id, cost_event_id). Code path ships at P7-4.11; LIVE flip is operator-gated.

PRICED_ANSWER_ONLY_QUERY_COMMERCE expected: P8

Priced answer-only query commerce is reserved. Query-license verification today produces a deterministic source/citation binding receipt only; no semantic-truth, legal-rights, or model-quality claim is made.

GRAUNT_WORKSPACE_RUNTIME expected: P8

Graunt Workspace runtime is reserved. The Smart Delivery panel surfaces an 'Open in Graunt Workspace' affordance with a RESERVED chip; no workspace runtime is live.