Builder notes

Preview first. Private actions later.

GPT Actions, MCP tools, browser-authenticated services, and workflow triggers belong behind a private workspace boundary where access, retention, and audit rules are explicit.

Security boundary Home

Keep the public preview stateless

The public domain can explain the product without storing accounts, sessions, or workspace records.

Run private actions in the cockpit

Action keys, service tokens, and tool permissions belong in a user-controlled workspace.

Expose endpoints intentionally

Only publish automation routes after authentication, scope, logs, and recovery behavior are clear.

GPT

GPT Builder packages

Use generated OpenAPI/action packages when a private workspace is ready to expose specific actions.

MCP

MCP and local tools

Treat MCP, local commands, ffmpeg, and browser tools as user-approved routes, not background access.

RUN

Workflow triggers

Schedules and webhook triggers should create reviewable outputs, not silent side effects.