Docs

Known Limitations

Known limitations

This project is in MVP / Phase 6 (Polish & Operability). The following are known limitations:

Policy replay limitations

```
decision_traces
```
does not store request
```
params
```
as first-class searchable columns, so Autopilot replay cannot validate param constraints yet.

Autopilot v1 scope

Autopilot recommend v1 scans historically ALLOWED traces in the selected window.
Recommendations are created as inactive draft policies unless explicitly activated.

Tenancy / access

Multi-tenant isolation relies on Postgres RLS and correct user→tenant mapping.
The gateway never trusts
```
tenantId
```
from request bodies.

Operational

Public distribution of the shim is not complete until Phase 6 is done.
Error messages are standardized, but not all UI surfaces display code/requestId yet (ongoing in Phase 6).

Compatibility

Some routes rely on client components and may behave differently under
```
cacheComponents
```
constraints; we treat
```
npm run build
```
as the source of truth.

← API Reference MCP Shim Install →