{"service":"xml","baseUrl":"https://xml.platphormnews.com","publicSafeAccessEnabledByDefault":true,"auth":{"enforcementEnabled":false,"publicSafeByDefault":true,"acceptedHeaders":["Authorization: Bearer $PLATPHORM_API_KEY","X-PlatPhorm-API-Key: $PLATPHORM_API_KEY"],"protectedActions":[],"futureProtectedActions":["schema_registry_mutation","schema_upload","private_validation","batch_conversion","report_generation","sync_job","admin_action","trusted_domain_mutation","sensitive_audit_details"]},"domainAllowlist":["*.platphormnews.com"],"publicReadOnlyAccess":["/","/faq","/api/health","/api/v1/health","/api/docs","/openapi.yaml","/openapi.json","/llms.txt","/llms-full.txt","/llms-index.json","/robots.txt","/sitemap.xml","/sitemap-main.xml","/sitemap-index.xml","/rss.xml","/feed.xml","/manifest.webmanifest","/api/mcp","/.well-known/mcp.json","/.well-known/agents.json","/.well-known/ai-plugin.json","/.well-known/security.txt","/.well-known/trust.json","/.well-known/platphorm.xml"],"protectedActions":["schema_registry_mutation","schema_upload","private_validation","batch_conversion","report_generation","sync_job","admin_action","trusted_domain_mutation","sensitive_audit_details"],"localXmlDraftPersistencePolicy":"Non-sensitive XML drafts may be stored in browser-local storage. Server-side persistence is not claimed unless a backend store is configured.","xmlDataExposurePolicy":"Pasted XML is processed for the current browser/API operation only and is not published in discovery files, feeds, logs, or public routes.","schemaRegistryPolicy":"Built-in public schema records are readable; schema mutation is scaffolded as future protected.","trustedDomainPolicy":"PlatPhorm discovery and future sync are limited to *.platphormnews.com unless explicitly allowlisted.","routeStandard":["/","/faq","/api/health","/api/v1/health","/api/docs","/openapi.yaml","/openapi.json","/llms.txt","/llms-full.txt","/llms-index.json","/robots.txt","/sitemap.xml","/sitemap-main.xml","/sitemap-index.xml","/rss.xml","/feed.xml","/manifest.webmanifest","/api/mcp","/.well-known/mcp.json","/.well-known/agents.json","/.well-known/ai-plugin.json","/.well-known/security.txt","/.well-known/trust.json","/.well-known/platphorm.xml"],"vercelMetadataPolicy":"Only safe Vercel metadata is captured; raw IPs and secrets are redacted.","tracePropagationPolicy":"W3C traceparent/tracestate and safe X-PlatPhorm trace headers are accepted and propagated for XML operations.","backendModelScaffoldingPolicy":{"configured":false,"status":"degraded","provider":null,"clientModelCallsAllowed":false,"redaction":"XML inputs must be redacted before protected model calls.","tasks":["explain XML structure","suggest and generate XSD","explain validation errors","summarize RSS/Atom feeds","summarize sitemap structure","explain XPath results","convert XML structure into documentation","suggest namespace cleanup","detect likely XML data issues"],"degradedReason":"No backend model provider is configured; Phase 1 reports model guidance as unavailable instead of faking generated output."},"securityContact":"security@platphormnews.com","statement":"Public-safe XML editing, formatting, validation, tree viewing, XPath testing, XSD validation, RSS/Atom/sitemap inspection, local non-sensitive XML draft persistence, read-only MCP introspection, RSS/feed consumption, trusted-domain discovery, standard route compliance, Vercel metadata capture, backend model scaffolding, and trace-linked XML operations are intentionally supported for public use. PLATPHORM_API_KEY support is scaffolded for future protected backend services, registry mutation, private validation, sync, test-triggering, reporting, administrative actions, and sensitive operations."}