From 88d7dfd853d8d96ca93682931196c4150863cc00 Mon Sep 17 00:00:00 2001
From: Michael Farrell <mkfrl09@gmail.com>
Date: Thu, 9 Apr 2026 16:55:08 -0700
Subject: [PATCH 01/12] feat: add background-task skill and worktree shell
 helpers (#77)

* feat: add background-task skill and worktree shell helpers

Add a background-task skill for parallel worktree workflows, along with
safe shell helper functions (worktree-git, worktree-rm, gempty-branches)
that are auto-loaded via the existing preToolUse hook. Update the
commit-and-push rule to document worktree commands and add .worktrees
to .gitignore.

* chore: remove gempty-branches helper

Not needed for this repo. Remove the shell function and all references
from the skill and commit-and-push rule.

* style: format SKILL.md
---
 .cursor/hooks/shell-functions/worktree-git.sh |  19 ++
 .cursor/hooks/shell-functions/worktree-rm.sh  | 119 ++++++++
 .cursor/rules/commit-and-push.mdc             |  18 ++
 .cursor/skills/background-task/SKILL.md       | 257 ++++++++++++++++++
 .gitignore                                    |   1 +
 5 files changed, 414 insertions(+)
 create mode 100644 .cursor/hooks/shell-functions/worktree-git.sh
 create mode 100644 .cursor/hooks/shell-functions/worktree-rm.sh
 create mode 100644 .cursor/skills/background-task/SKILL.md

diff --git a/.cursor/hooks/shell-functions/worktree-git.sh b/.cursor/hooks/shell-functions/worktree-git.sh
new file mode 100644
index 00000000..e9cc403b
--- /dev/null
+++ b/.cursor/hooks/shell-functions/worktree-git.sh
@@ -0,0 +1,19 @@
+# Safe git command that only runs in .worktrees/ directories
+# Prevents accidental git operations in main working directory
+#
+# Usage:
+#   cd .worktrees/fix-branch && worktree-git checkout -B branch origin/branch
+#   cd .worktrees/fix-branch && worktree-git add -A && worktree-git commit -m "fix: message"
+#   cd .worktrees/fix-branch && worktree-git push origin branch-name
+worktree-git() {
+  if [[ "${PWD}" != *"/.worktrees/"* && "${PWD}" != *"/.worktrees" ]]; then
+    echo "❌ ERROR: worktree-git can only be run in .worktrees/ directories"
+    echo "   Current directory: ${PWD}"
+    echo "   Expected: */.worktrees/*"
+    echo ""
+    echo "   This command is blocked to protect your working directory."
+    echo "   Create a worktree first: git worktree add .worktrees/fix-{name} origin/{branch}"
+    return 1
+  fi
+  git "$@"
+}
diff --git a/.cursor/hooks/shell-functions/worktree-rm.sh b/.cursor/hooks/shell-functions/worktree-rm.sh
new file mode 100644
index 00000000..7dc105b2
--- /dev/null
+++ b/.cursor/hooks/shell-functions/worktree-rm.sh
@@ -0,0 +1,119 @@
+# Safely remove worktrees or files/directories within worktrees
+# Only operates on paths containing /.worktrees/ to protect main workspace
+#
+# Usage:
+#   worktree-rm fix-branch                    # Remove .worktrees/fix-branch worktree
+#   worktree-rm .worktrees/fix-branch         # Remove specific worktree
+#   worktree-rm                               # Remove current worktree (if in .worktrees/)
+#   worktree-rm node_modules                  # Remove node_modules in current worktree
+#   worktree-rm fix-branch/node_modules       # Remove path in specific worktree
+worktree-rm() {
+  local repo_dir
+  repo_dir="$(git rev-parse --show-toplevel 2>/dev/null || echo "")"
+
+  # In a worktree, --show-toplevel returns the worktree root; walk up to find the real repo
+  if [[ -n "${repo_dir}" && "${repo_dir}" == *"/.worktrees/"* ]]; then
+    repo_dir="${repo_dir%%/.worktrees/*}"
+  fi
+
+  if [[ -z "${repo_dir}" || ! -d "${repo_dir}/.git" ]]; then
+    if [[ -d "${HOME}/transcend/tools" ]]; then
+      repo_dir="${HOME}/transcend/tools"
+    else
+      echo "❌ ERROR: Could not determine repo directory"
+      echo "   Run from within the tools repo or a worktree"
+      return 1
+    fi
+  fi
+
+  local worktrees_dir="${repo_dir}/.worktrees"
+  local target="${1:-${PWD}}"
+
+  # If no argument and we're in a worktree, use the worktree root
+  if [[ -z "$1" && "${PWD}" == *"/.worktrees/"* ]]; then
+    local after_worktrees="${PWD#*/.worktrees/}"
+    local wt_name="${after_worktrees%%/*}"
+    target="${worktrees_dir}/${wt_name}"
+  fi
+
+  # If the path is just a name (no slashes, doesn't start with . or /), prepend .worktrees/
+  if [[ "${target}" != /* && "${target}" != .* && "${target}" != */* ]]; then
+    target="${worktrees_dir}/${target}"
+  fi
+
+  # Handle relative paths starting with .worktrees/
+  if [[ "${target}" == .worktrees/* ]]; then
+    target="${repo_dir}/${target}"
+  fi
+
+  # If we're in a worktree and path is relative, resolve from current directory
+  if [[ "${PWD}" == *"/.worktrees/"* && "${target}" != /* ]]; then
+    target="${PWD}/${target}"
+  fi
+
+  # If path looks like worktree-name/subpath, check if first component is a worktree
+  if [[ "${target}" != /* && "${target}" == */* ]]; then
+    local first_component="${target%%/*}"
+    if [[ -d "${worktrees_dir}/${first_component}" ]]; then
+      target="${worktrees_dir}/${target}"
+    fi
+  fi
+
+  # Resolve to absolute path
+  if [[ "${target}" != /* ]]; then
+    target="$(cd "${repo_dir}" && realpath -m "${target}" 2>/dev/null || echo "${repo_dir}/${target}")"
+  fi
+
+  # Safety check: ONLY operate on paths containing /.worktrees/
+  if [[ "${target}" != *"/.worktrees/"* && "${target}" != *"/.worktrees" ]]; then
+    echo "❌ ERROR: worktree-rm can only operate on paths within .worktrees/"
+    echo "   Target: ${target}"
+    echo "   Expected: */.worktrees/*"
+    echo ""
+    echo "   This command is blocked to protect your working directory."
+    return 1
+  fi
+
+  if [[ ! -e "${target}" ]]; then
+    echo "⚠️  Path does not exist: ${target}"
+    return 0
+  fi
+
+  # Determine if this is a worktree root or a path within a worktree
+  local worktree_name="${target#*/.worktrees/}"
+  worktree_name="${worktree_name%%/*}"
+  local worktree_path="${worktrees_dir}/${worktree_name}"
+  local is_worktree_root=false
+
+  if [[ "${target}" == "${worktree_path}" ]]; then
+    is_worktree_root=true
+  fi
+
+  # If we're currently in the directory we're trying to remove, cd out first
+  if [[ "${PWD}" == "${target}"* ]]; then
+    echo "📂 Moving out of target directory..."
+    cd "${repo_dir}" 2>/dev/null || cd ~ || return 1
+  fi
+
+  if [[ "${is_worktree_root}" == true ]]; then
+    echo "🧹 Removing worktree: ${target}"
+    if git -C "${repo_dir}" worktree remove "${target}" --force 2>/dev/null; then
+      echo "✅ Worktree removed successfully"
+    else
+      echo "📁 Not a registered git worktree, removing directory..."
+      rm -rf "${target}"
+      echo "✅ Directory removed"
+    fi
+    git -C "${repo_dir}" worktree prune 2>/dev/null
+  else
+    echo "🧹 Removing: ${target}"
+    if rm -rf "${target}"; then
+      echo "✅ Removed successfully"
+    else
+      echo "❌ Failed to remove: ${target}"
+      return 1
+    fi
+  fi
+
+  echo "🎉 Cleanup complete"
+}
diff --git a/.cursor/rules/commit-and-push.mdc b/.cursor/rules/commit-and-push.mdc
index 92e51f47..417e53b5 100644
--- a/.cursor/rules/commit-and-push.mdc
+++ b/.cursor/rules/commit-and-push.mdc
@@ -6,6 +6,8 @@ alwaysApply: true
 
 # Safe Commands
 
+## Main Workspace
+
 ALWAYS use `tools-git` instead of `git` for ALL git commands (status, add, commit, push, log, diff, etc.).
 ALWAYS use `tools-rm` instead of `rm` for removing files or directories.
 NEVER use raw `git` or `rm` directly — they are not auto-allowed and the safe wrappers enforce repo boundaries.
@@ -20,6 +22,22 @@ tools-git push origin branch-name
 tools-rm dist node_modules
 ```
 
+## Inside `.worktrees/` Directories
+
+Use `worktree-git` and `worktree-rm` instead — `tools-git` will NOT work in worktrees (repo name check fails).
+
+- `worktree-git` — safe git that only runs inside `.worktrees/` directories
+- `worktree-rm` — safe rm that only operates on `.worktrees/` paths
+
+Examples:
+```
+cd .worktrees/fix-branch && worktree-git add -A && worktree-git commit -m "fix: message"
+cd .worktrees/fix-branch && worktree-git push origin HEAD:branch-name
+worktree-rm fix-branch
+```
+
+See `/background-task` skill for the full worktree workflow.
+
 # Committing and Pushing Changes
 
 ## Pre-commit hooks
diff --git a/.cursor/skills/background-task/SKILL.md b/.cursor/skills/background-task/SKILL.md
new file mode 100644
index 00000000..5db81fd8
--- /dev/null
+++ b/.cursor/skills/background-task/SKILL.md
@@ -0,0 +1,257 @@
+---
+name: background-task
+description: Workflow for making changes to git branches WITHOUT affecting the user's current working directory. Use when asked to do anything "in the background" or when modifying a branch you're not currently on.
+---
+
+# Background Task
+
+Created By: Michael Farrell
+Last Edited: April 9, 2026
+
+## Quick Reference
+
+| Command                                                  | Use For                                   |
+| -------------------------------------------------------- | ----------------------------------------- |
+| `git worktree add .worktrees/fix-{name} origin/{branch}` | Create worktree (safe in main workspace)  |
+| `worktree-git {any git command}`                         | ALL git operations in worktrees           |
+| `worktree-rm {name}`                                     | Remove worktree or files within worktrees |
+| `pnpm install --frozen-lockfile`                         | Install deps (no lockfile changes)        |
+| `pnpm install`                                           | Install deps (lockfile update needed)     |
+
+## Critical Rules (NEVER Violate)
+
+| Rule                                       | Why                         |
+| ------------------------------------------ | --------------------------- |
+| **Never `git checkout` in main workspace** | Breaks user's workflow      |
+| **Always `worktree-git` in `.worktrees/`** | Auto-approved, safe         |
+| **Always `worktree-rm` for cleanup**       | Auto-approved, safe         |
+| **Never `rm` in worktrees**                | Requires approval, unsafe   |
+| **Never `tools-git` in worktrees**         | Will fail (repo name check) |
+
+## When to Use
+
+- User says "in background", "fix branch X", "update branch without switching"
+- You're about to run `git checkout` in the main workspace -- **STOP, use worktree instead**
+- Any follow-up changes to a PR after worktree cleanup -- **Create NEW worktree**
+
+## Workflow
+
+### Step 1: Create Worktree
+
+```bash
+cd "$(git rev-parse --show-toplevel)" && \
+  git fetch origin {branch} main && \
+  mkdir -p .worktrees && \
+  worktree-rm fix-{name} 2>/dev/null || true && \
+  git worktree prune && \
+  git worktree add .worktrees/fix-{name} origin/{branch}
+```
+
+### Step 2: Install Dependencies
+
+```bash
+cd .worktrees/fix-{name} && \
+  pnpm install --frozen-lockfile
+```
+
+#### When Lockfile Updates Are Needed
+
+If you're adding a **new package** or modifying `package.json` dependencies, the lockfile must be updated. You'll see this error with `--frozen-lockfile`:
+
+```
+ERR_PNPM_FROZEN_LOCKFILE  Cannot install with "frozen-lockfile" because pnpm-lock.yaml is not up to date
+```
+
+**Fix:** Drop the `--frozen-lockfile` flag:
+
+```bash
+pnpm install
+```
+
+| Scenario                                    | Command                          |
+| ------------------------------------------- | -------------------------------- |
+| Normal install (no new packages)            | `pnpm install --frozen-lockfile` |
+| Adding new package / lockfile update needed | `pnpm install`                   |
+
+### Step 3: Merge Main (REQUIRED)
+
+```bash
+cd .worktrees/fix-{name} && \
+  worktree-git fetch origin main && \
+  BEHIND=$(worktree-git rev-list --count HEAD..origin/main) && \
+  if [ "$BEHIND" -gt 0 ]; then \
+    echo "Branch is $BEHIND commits behind main. Merging..." && \
+    worktree-git merge origin/main -m "Merge branch 'main'" --no-edit; \
+  fi
+```
+
+### Step 4: Make Changes
+
+```bash
+cd .worktrees/fix-{name} && \
+  worktree-git checkout -B {branch} origin/{branch}
+  # ... edit files ...
+```
+
+### Step 5: Build (if cross-package changes)
+
+When changes span multiple packages, build in dependency order:
+
+```bash
+cd .worktrees/fix-{name} && \
+  pnpm run --dir packages/utils build && \
+  pnpm run --dir packages/sdk build && \
+  pnpm run --dir packages/cli build
+```
+
+Skip packages that aren't affected by your changes.
+
+### Step 6: Commit and Push
+
+**Important:** When a worktree is first created with `git worktree add`, it is checked out in a detached-HEAD state. Always use `HEAD:{branch}` refspec when pushing to avoid silently pushing stale commits from the main workspace. Step 4's `checkout -B` attaches HEAD to the branch, but the explicit `HEAD:{branch}` form is always safe.
+
+```bash
+cd .worktrees/fix-{name} && \
+  pnpm run format && \
+  worktree-git add -A && \
+  worktree-git commit -m "fix: description" && \
+  worktree-git push origin HEAD:{branch}
+```
+
+### Step 7: Create or Update PR
+
+Use `gh pr create --draft` for AI-generated PRs.
+
+### Step 8: Cleanup
+
+```bash
+worktree-rm fix-{name}
+```
+
+## Batched Workflow (Single Command)
+
+```bash
+# Setup + install + merge (one approval)
+cd "$(git rev-parse --show-toplevel)" && \
+  git fetch origin {branch} main && \
+  mkdir -p .worktrees && \
+  worktree-rm fix-{name} 2>/dev/null || true && \
+  git worktree prune && \
+  git worktree add .worktrees/fix-{name} origin/{branch} && \
+  cd .worktrees/fix-{name} && \
+  pnpm install --frozen-lockfile && \
+  BEHIND=$(worktree-git rev-list --count HEAD..origin/main) && \
+  if [ "$BEHIND" -gt 0 ]; then \
+    worktree-git merge origin/main -m "Merge branch 'main'" --no-edit || \
+    (worktree-git merge --abort && echo "Conflicts, continuing without merge"); \
+  fi
+
+# File edits (auto-approve in .worktrees/)
+
+# Commit + push (one approval) — use HEAD:{branch} for detached worktrees
+cd .worktrees/fix-{name} && \
+  pnpm run format && \
+  worktree-git add -A && \
+  worktree-git commit -m "fix: message" && \
+  worktree-git push origin HEAD:{branch}
+
+# Create/update PR
+# gh pr create --draft --title "fix: title" --body "description"
+
+# Cleanup
+worktree-rm fix-{name}
+```
+
+## Mandatory Functions
+
+**`worktree-git` and `worktree-rm` are auto-loaded via the Cursor preToolUse hook** (`.cursor/hooks/preload-shell-functions.sh`). They are available in every Shell tool call automatically.
+
+If they're not available, verify:
+
+```bash
+type worktree-git &>/dev/null || echo "ERROR: worktree-git not loaded - check hook"
+type worktree-rm &>/dev/null || echo "ERROR: worktree-rm not loaded - check hook"
+```
+
+## Auto-Approval for Speed
+
+**`worktree-git` and `worktree-rm` should be auto-approved in Cursor settings**, meaning they run without requiring user intervention. This is safe because they only work inside `.worktrees/` directories.
+
+| Command        | User Approval Required | Why                                |
+| -------------- | ---------------------- | ---------------------------------- |
+| `worktree-git` | No (auto-approved)     | Safe - only works in `.worktrees/` |
+| `worktree-rm`  | No (auto-approved)     | Safe - only works in `.worktrees/` |
+| `tools-git`    | No (auto-approved)     | Safe - only works in tools repo    |
+| `tools-rm`     | No (auto-approved)     | Safe - only works in tools repo    |
+| `git`          | Yes                    | Could modify main workspace        |
+| `rm`           | Yes                    | Could delete important files       |
+
+**Always use `worktree-git` and `worktree-rm` in worktrees to maximize speed.**
+
+## Important: `tools-git` vs `worktree-git`
+
+- **`tools-git`** -- for git operations in the **main workspace**. Checks that `basename` of the repo root is `tools`. **Will NOT work in worktrees** because `git rev-parse --show-toplevel` returns the worktree path (e.g., `.worktrees/fix-foo`).
+- **`worktree-git`** -- for git operations **inside `.worktrees/`** directories. Checks that `$PWD` contains `/.worktrees/`.
+
+Never mix them up. Use `tools-git` in the main workspace, `worktree-git` in worktrees.
+
+## Troubleshooting
+
+### `worktree-git` fails
+
+Functions are auto-loaded via the preToolUse hook. If not working:
+
+```bash
+source .cursor/hooks/shell-functions/worktree-git.sh
+```
+
+### pnpm install fails
+
+```bash
+cd .worktrees/fix-{name} && \
+  worktree-rm node_modules && \
+  pnpm install --frozen-lockfile
+```
+
+### Worktree already exists
+
+```bash
+worktree-rm fix-{name}
+git worktree prune
+git worktree add .worktrees/fix-{name} origin/{branch}
+```
+
+### Merge conflicts
+
+```bash
+cd .worktrees/fix-{name} && \
+  worktree-git merge origin/main && \
+  # resolve conflicts...
+  worktree-git add -A && \
+  worktree-git commit -m "fix: resolve merge conflicts"
+```
+
+### Push from detached worktree is stale
+
+If `worktree-git push origin {branch}` pushes old commits, the worktree is detached and the push resolved the branch ref from the main workspace. Always use the `HEAD:` refspec:
+
+```bash
+worktree-git push origin HEAD:{branch}
+```
+
+### Build errors across packages
+
+Never run `pnpm run build` at the root if you only changed one package. Build in dependency order:
+
+```bash
+pnpm run --dir packages/utils build    # if utils changed
+pnpm run --dir packages/sdk build      # if sdk changed (depends on utils)
+pnpm run --dir packages/cli build      # if cli changed (depends on sdk + utils)
+```
+
+### Pre-commit hook failures in worktree
+
+The husky hooks may not be installed in worktrees. If `git commit` fails with hook errors, either:
+
+1. Run `pnpm run format && pnpm run lint` manually before committing
+2. Use `worktree-git commit --no-verify -m "message"` (only if you've already run quality checks)
diff --git a/.gitignore b/.gitignore
index 2ba7ee91..34105019 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,4 +7,5 @@ mise.local.lock
 mise.local.toml
 node_modules
 *.tsbuildinfo
+.worktrees
 secret.env
\ No newline at end of file

From bdc29e1fa470125186d312a1765970a36c41388b Mon Sep 17 00:00:00 2001
From: Michael Farrell <mike@transcend.io>
Date: Thu, 9 Apr 2026 17:11:01 -0700
Subject: [PATCH 02/12] UpdateS

---
 .cursor/agents/consent-triage-inspector.md    | 123 ++++++++
 .cursor/agents/consent-triage-researcher.md   |  94 ++++++
 .cursor/rules/commit-and-push.mdc             |  18 ++
 .cursor/skills/consent-triage/SKILL.md        | 256 ++++++++++++++++
 .../skills/consent-triage/docs-reference.md   |  99 ++++++
 .gitignore                                    |   3 +-
 .../src/prompts/consent_inspect_site.ts       | 287 ++++++++++++++++++
 .../src/prompts/consent_research_tracker.ts   | 147 +++++++++
 .../src/prompts/consent_triage.ts             | 139 +++++++++
 .../mcp-server-consent/src/prompts/index.ts   |  15 +
 .../src/resources/classification_guide.ts     |  63 ++++
 .../mcp-server-consent/src/resources/index.ts |  13 +
 packages/mcp/mcp-server-core/src/index.ts     |   9 +
 .../mcp/mcp-server-core/src/prompts/types.ts  |  47 +++
 .../mcp-server-core/src/resources/types.ts    |  17 ++
 .../src/server/create-server.ts               | 104 ++++++-
 16 files changed, 1428 insertions(+), 6 deletions(-)
 create mode 100644 .cursor/agents/consent-triage-inspector.md
 create mode 100644 .cursor/agents/consent-triage-researcher.md
 create mode 100644 .cursor/skills/consent-triage/SKILL.md
 create mode 100644 .cursor/skills/consent-triage/docs-reference.md
 create mode 100644 packages/mcp/mcp-server-consent/src/prompts/consent_inspect_site.ts
 create mode 100644 packages/mcp/mcp-server-consent/src/prompts/consent_research_tracker.ts
 create mode 100644 packages/mcp/mcp-server-consent/src/prompts/consent_triage.ts
 create mode 100644 packages/mcp/mcp-server-consent/src/prompts/index.ts
 create mode 100644 packages/mcp/mcp-server-consent/src/resources/classification_guide.ts
 create mode 100644 packages/mcp/mcp-server-consent/src/resources/index.ts
 create mode 100644 packages/mcp/mcp-server-core/src/prompts/types.ts
 create mode 100644 packages/mcp/mcp-server-core/src/resources/types.ts

diff --git a/.cursor/agents/consent-triage-inspector.md b/.cursor/agents/consent-triage-inspector.md
new file mode 100644
index 00000000..1e1fd189
--- /dev/null
+++ b/.cursor/agents/consent-triage-inspector.md
@@ -0,0 +1,123 @@
+---
+name: consent-triage-inspector
+description: >-
+  Inspects how trackers load on a live website using Chrome DevTools MCP.
+  Use when investigating how a data flow or cookie gets onto a page --
+  whether it's a direct script, loaded via tag manager, in an iframe,
+  or dynamically injected. Checks ad infrastructure, consent state, and
+  airgap classification.
+model: fast
+readonly: true
+is_background: true
+---
+
+You are a web inspector specialist. Your job is to analyze how trackers
+load on live websites using Chrome DevTools MCP tools (navigate, evaluate).
+
+## Input
+
+You will receive:
+
+- A target site URL with regime override parameters
+- A list of tracker domains to look for
+
+## Important: Platform vs Client Sites
+
+The bundle name (e.g. "acme-platform") may be a platform provider, not
+the site with actual trackers. If the primary domain is a corporate landing
+page without ad trackers, find a real client site from links on the homepage
+and use that instead.
+
+## Setup
+
+### 1. Navigate with debug overrides
+
+Use the Chrome DevTools `navigate` tool with the override URL:
+`{site}/#tcm-regime={regime}&tcm-prompt=Hidden&log=*`
+
+### 2. Verify consent state
+
+Evaluate JS to check `airgap.getRegimes()`, `airgap.getConsent().purposes`,
+and `airgap.getRegimePurposes()`. All purposes should be `true` or `"Auto"`.
+
+If not, opt in manually:
+
+```javascript
+airgap.optIn(Object.fromEntries(airgap.getRegimePurposes().map((p) => [p, true])));
+```
+
+## Investigation
+
+Run the following checks via JS evaluation in DevTools. Write your own
+snippets or adapt from the `consent-inspect-site` MCP prompt methodology.
+
+### 3. Performance entries
+
+Use `performance.getEntriesByType('resource')` and filter for each tracker
+domain. Record URL, initiator type, duration, and transfer size.
+
+### 4. Search page HTML
+
+Search `document.documentElement.outerHTML` for each tracker domain. Capture
+surrounding context (100 chars before/after) to understand placement.
+
+### 5. Ad infrastructure
+
+Find ad-related `<script src>` tags (prebid, googletag, taboola, criteo,
+amazon-adsystem, adsbygoogle, doubleclick -- non-exhaustive, look broadly).
+Find ad slot elements (`[data-prebid]`, `[data-ad]`, `[data-ad-slot]`,
+`[data-ad-unit]`, etc.) and ad iframes.
+
+### 6. Inline init scripts
+
+Check `<script>` tags without `src` for ad platform initialization code
+(prebid config, googletag slot definitions, etc.).
+
+### 7. Window globals and ad config
+
+Scan `Object.keys(window)` for known ad globals (`pbjs`, `googletag`,
+`__tcfapi`, `__gpp`, `adsbygoogle`, `_taboola`, `criteo_q`, `apstag`).
+Inspect any found config objects.
+
+### 8. Airgap classification
+
+For each tracker domain, call `await airgap.getPurposes('https://{domain}/')`
+and `await airgap.isAllowed('https://{domain}/')` to see how Transcend
+currently classifies it.
+
+### 9. Console logs
+
+Read browser console output. The `log=*` override makes airgap emit
+detailed allow/block decisions for every request.
+
+## Output
+
+For each tracker return:
+
+```json
+{
+  "domain": "<domain>",
+  "found_on_page": true,
+  "loading_method": "direct_script|tag_manager|iframe|dynamic|not_found",
+  "loaded_by": "<what script or mechanism loads it>",
+  "in_main_document": true,
+  "airgap_purposes": ["Advertising"],
+  "airgap_allowed": true,
+  "ad_infrastructure": "<detected ad chain, e.g. Prebid -> GPT>",
+  "related_config": "<relevant config values>",
+  "notes": "<additional observations>"
+}
+```
+
+Also return a site summary:
+
+```json
+{
+  "site_investigated": "<actual URL used>",
+  "ad_stack": "<detected stack, e.g. Prebid -> Google Publisher Tags>",
+  "consent_manager": "Transcend CMP",
+  "total_ad_slots": "<count>",
+  "total_scripts": "<count>",
+  "total_iframes": "<count>"
+}
+```
diff --git a/.cursor/agents/consent-triage-researcher.md b/.cursor/agents/consent-triage-researcher.md
new file mode 100644
index 00000000..627db6ab
--- /dev/null
+++ b/.cursor/agents/consent-triage-researcher.md
@@ -0,0 +1,94 @@
+---
+name: consent-triage-researcher
+description: >-
+  Researches trackers, cookies, and data flows for consent classification.
+  Use when investigating what a tracker does, who operates it, and what
+  consent purpose it should be classified under. Identifies companies,
+  fetches privacy policies, checks CMP databases, and determines whether
+  a tracker is Essential, Advertising, Analytics, Functional, or SaleOfInfo.
+model: fast
+readonly: true
+is_background: true
+---
+
+You are a privacy research specialist. Your job is to research trackers and
+data flows to determine their correct consent classification.
+
+## Input
+
+You will receive:
+
+- A table of trackers/data flows with columns:
+  id, domain/name, type, auto-service, auto-purposes, occurrences
+- The customer's available tracking purposes (from `consent_list_purposes`)
+- Which purposes are actively used in which regimes
+
+Only recommend purposes from the provided list.
+
+## Research Steps (for EACH item)
+
+1. **Company identification**: Search the root domain (strip subdomains) to
+   find the operating company. Check for recent acquisitions or rebrands.
+
+2. **First-party privacy docs**: Find and read the company's privacy/cookie
+   policy. Look for how they classify their own tracking, what data they
+   collect, and stated purposes.
+
+3. **Service description**: Understand the business model. Ad tech? Analytics?
+   CMP? CDN? What specific product does this domain serve?
+
+4. **CMP databases**: Search cookiedatabase.org, cookiepedia.co.uk,
+   better.fyi/trackers, and Ghostery TrackerDB for existing classifications.
+
+5. **Third-party cookie policies**: Find other companies' published cookie
+   policies that classify this same tracker/service.
+
+6. **Essential vs non-essential**: Based on all evidence, would the site
+   break without this? Is it required for core functionality?
+
+## Output (for EACH item)
+
+Return JSON:
+
+```json
+{
+  "id": "<item id>",
+  "domain": "<domain or cookie name>",
+  "company_name": "<identified company>",
+  "company_description": "<what the company does, 1-2 sentences>",
+  "service_url": "<company homepage>",
+  "specific_product": "<what product/feature this domain serves>",
+  "recommended_purposes": ["Advertising", "Analytics"],
+  "confidence": "High|Medium|Low",
+  "is_junk": false,
+  "evidence_summary": "<2-3 sentence summary with key facts>",
+  "sources": ["<url1>", "<url2>"],
+  "suggested_description": "<one-line description to save as Transcend note>",
+  "first_party_privacy_url": "<URL of their privacy/cookie policy if found>",
+  "other_cmps_classify_as": "<what other CMPs say>"
+}
+```
+
+## Classification Rules
+
+IMPORTANT: Each customer has different purposes configured. The parent agent
+will provide the customer's available purposes in the prompt. Only recommend
+purposes from that list. If your research suggests a purpose category that
+doesn't exist for this customer, note it and suggest the closest available match.
+
+Common purpose patterns (for reference -- always verify against customer config):
+
+- Essential = site breaks without it (auth, security, CMP, CDN)
+- Functional = enhanced features (chat, preferences, A/B tests)
+- Analytics = usage measurement (GA, pageview counters)
+- Advertising = ad serving, targeting, retargeting, header bidding
+- SaleOfInfo = data sold/shared with third parties
+
+Items can have multiple purposes. Mark as junk if it's from a browser
+extension, malware, or not intentionally placed by the site operator.
+
+## Confidence Levels
+
+- **High**: First-party docs confirm, OR multiple CMPs agree, OR well-known tracker
+- **Medium**: Some evidence but no definitive first-party docs
+- **Low**: No docs found, best-guess only -- flag for manual review
diff --git a/.cursor/rules/commit-and-push.mdc b/.cursor/rules/commit-and-push.mdc
index 92e51f47..417e53b5 100644
--- a/.cursor/rules/commit-and-push.mdc
+++ b/.cursor/rules/commit-and-push.mdc
@@ -6,6 +6,8 @@ alwaysApply: true
 
 # Safe Commands
 
+## Main Workspace
+
 ALWAYS use `tools-git` instead of `git` for ALL git commands (status, add, commit, push, log, diff, etc.).
 ALWAYS use `tools-rm` instead of `rm` for removing files or directories.
 NEVER use raw `git` or `rm` directly — they are not auto-allowed and the safe wrappers enforce repo boundaries.
@@ -20,6 +22,22 @@ tools-git push origin branch-name
 tools-rm dist node_modules
 ```
 
+## Inside `.worktrees/` Directories
+
+Use `worktree-git` and `worktree-rm` instead — `tools-git` will NOT work in worktrees (repo name check fails).
+
+- `worktree-git` — safe git that only runs inside `.worktrees/` directories
+- `worktree-rm` — safe rm that only operates on `.worktrees/` paths
+
+Examples:
+```
+cd .worktrees/fix-branch && worktree-git add -A && worktree-git commit -m "fix: message"
+cd .worktrees/fix-branch && worktree-git push origin HEAD:branch-name
+worktree-rm fix-branch
+```
+
+See `/background-task` skill for the full worktree workflow.
+
 # Committing and Pushing Changes
 
 ## Pre-commit hooks
diff --git a/.cursor/skills/consent-triage/SKILL.md b/.cursor/skills/consent-triage/SKILL.md
new file mode 100644
index 00000000..b4065a66
--- /dev/null
+++ b/.cursor/skills/consent-triage/SKILL.md
@@ -0,0 +1,256 @@
+---
+name: consent-triage
+description: >-
+  Triage cookies and data flows in Transcend Consent Manager. Fetches triage
+  backlog, researches trackers in parallel batches, presents findings for user
+  review, and pushes classifications back to Transcend. Use when the user
+  mentions cookie triage, data flow triage, consent triage, classify trackers,
+  or consent manager cleanup.
+---
+
+# Consent Triage
+
+Systematically research and classify cookies and data flows discovered by
+Transcend's consent telemetry, then push approved classifications back.
+
+Before starting, read these reference docs:
+
+- [docs-reference.md](docs-reference.md) -- Transcend documentation links and console commands
+
+This skill uses two custom agents defined in `.cursor/agents/`:
+
+- **consent-triage-researcher** -- web research for tracker classification
+- **consent-triage-inspector** -- live site investigation via Chrome DevTools
+
+## Workflow
+
+### Phase 1: Setup
+
+1. Get the consent manager info (the airgap bundle ID is auto-resolved from
+   the API key -- you do not need to pass it to any tool):
+
+```
+consent_list_airgap_bundles
+```
+
+2. Get triage stats to show the user the backlog size:
+
+```
+consent_get_triage_stats
+```
+
+3. Fetch the customer's configured tracking purposes and regimes:
+
+```
+consent_list_purposes   -> save as available_purposes
+consent_list_regimes    -> save as configured_regimes
+```
+
+This is critical: customers have different purposes configured. Do NOT assume
+the defaults (Essential, Functional, Analytics, Advertising, SaleOfInfo) exist.
+Use ONLY the purposes returned by `consent_list_purposes` for classification.
+
+The regimes tool now returns real consent experience data including:
+
+- Which purposes can be opted out of per experience
+- Which purposes are opted out by default
+- Regions, view state, consent expiry settings
+
+Use this to determine the most permissive regime for live site investigation.
+Build a mapping of purpose -> which regimes use it.
+
+4. Present the customer's setup to the user:
+
+```
+| Purpose         | Slug          | Used in Regimes              |
+|-----------------|---------------|------------------------------|
+| (from API)      | (from API)    | (cross-ref with regimes)     |
+```
+
+5. Present triage stats:
+
+```
+| Metric              | Cookies | Data Flows |
+|---------------------|---------|------------|
+| Needs Review        | X       | Y          |
+| Live (Approved)     | X       | Y          |
+| Junk                | X       | Y          |
+```
+
+6. Ask the user what to triage (cookies, data flows, or both) and confirm the
+   batch size (default: 10).
+
+### Phase 2: Fetch Batch
+
+Fetch the next batch of items needing review, sorted by highest traffic first:
+
+```
+consent_list_cookies { status: "NEEDS_REVIEW", limit: <batch_size> }
+
+consent_list_data_flows { status: "NEEDS_REVIEW", limit: <batch_size> }
+```
+
+Note: `status` is a required parameter. Use `"NEEDS_REVIEW"` for triage
+backlog or `"LIVE"` for approved items. The airgap bundle ID is automatically
+resolved -- do not pass it.
+
+Present the batch in this table format:
+
+```
+| # | Name/Domain | Type | Service | Auto-Purposes | Occurrences | Sites | First Seen |
+|---|-------------|------|---------|---------------|-------------|-------|------------|
+```
+
+### Phase 3: Research (Parallel Subagents)
+
+Launch the custom agents in parallel. Cursor will auto-delegate to the
+matching agent based on the task description.
+
+Spawn pattern for a batch of N items:
+
+- **2+ consent-triage-researcher** agents: split items into groups of 3-5,
+  provide each group as a table with id, domain, type, service, occurrences.
+  MUST also pass the customer's available purposes and regime-purpose mapping
+  from Phase 1 so the researcher only recommends valid purposes.
+- **1 consent-triage-inspector** agent: provide all tracker domains + the
+  site URL with regime override parameters
+
+All agents run as background tasks (`is_background: true`) in parallel.
+
+IMPORTANT: The bundle name (e.g. "acme-platform") may be a platform
+provider, not the actual site with trackers. If the main domain is a corporate
+page, find a real client site from the homepage and use that instead.
+
+Each subagent should perform **two types of investigation**:
+
+**A) Web Research** (use WebSearch/WebFetch):
+
+- Identify the company (strip subdomains for broader matches, check for acquisitions)
+- Research their business model -- ad tech? analytics? CDN? CMP?
+- Fetch their privacy/cookie policy for first-party classification evidence
+- Search CMP databases: cookiedatabase.org, better.fyi/trackers, Ghostery, Cookiepedia
+- Find other companies' cookie policies that classify the same tracker
+- Determine: Essential vs Advertising vs Analytics vs Functional vs SaleOfInfo
+
+**B) Live Site Investigation** (use Chrome DevTools MCP):
+
+- Navigate to a site from the bundle using overrides for debugging:
+  `https://{site}/#tcm-regime={permissive_regime}&tcm-prompt=Hidden&log=*`
+- The regime override should use the most permissive regime where purposes
+  default to opted-in (not blocked). Determine this from Phase 1 regime data.
+  If all regimes block by default, load the page and run:
+  `airgap.optIn(Object.fromEntries(airgap.getRegimePurposes().map(p=>[p,true])))`
+- Then verify consent state: `airgap.getConsent().purposes` -- all should be
+  `true` or `"Auto"` (except block-by-default purposes).
+- Read console logs (`browser_get_console_logs` or DevTools) -- the `log=*`
+  override makes airgap emit detailed logs for every request it evaluates,
+  including allow/block decisions and purpose lookups. Search these logs for
+  the tracker domain to see exactly how airgap classifies and handles it.
+- Search page HTML and performance resource entries for the tracker domain
+- Identify how it loads: direct `<script>`, tag manager, iframe, dynamic injection
+- Inspect ad infrastructure: ad slot divs (`[data-prebid]`, `[data-ad-slot]`), inline
+  initialization scripts, window globals (`pbjs`, `googletag`, `adsbygoogle`)
+- Check ad config objects for consent integration, autoPageviewPixel, siteId, etc.
+- Run `await airgap.getPurposes('{url}')` to see what Transcend classifies it as
+- Run `await airgap.isAllowed('{url}')` to check current regulation status
+
+The consent-triage-inspector agent has all the JS evaluation snippets built in.
+
+Each subagent returns a structured finding per item.
+
+### Phase 4: Present Findings
+
+Present all research results in review tables. For each item:
+
+```
+### {name/domain}
+| Field              | Value                                           |
+|--------------------|-------------------------------------------------|
+| Type               | Cookie / Data Flow (HOST/REGEX)                 |
+| Domain             | `example.com`                                   |
+| Service            | Service Name (or "Unknown")                     |
+| Current Purposes   | What Transcend auto-classified (if any)          |
+| Recommended Purpose| Your research-based recommendation               |
+| Confidence         | High / Medium / Low                              |
+| How Loaded         | Direct script / Tag manager / iframe / Dynamic   |
+| Sites Seen On      | X all-time, Y last week                         |
+| Occurrences        | N                                                |
+| First/Last Seen    | date / date                                      |
+| Evidence           | Brief summary + source URLs                     |
+| Recommended Action | APPROVE with purposes / JUNK / NEEDS MANUAL REVIEW |
+| Suggested Note     | Description to save to Transcend                 |
+```
+
+Then show a summary action table:
+
+```
+| # | Name/Domain        | Action  | Purposes                  | Service    | Note            |
+|---|--------------------|---------|---------------------------|------------|-----------------|
+| 1 | tracker.example.com| APPROVE | Advertising, Analytics    | ExampleCo  | Ad bidding SDK  |
+| 2 | junk.extension.io  | JUNK    | --                        | --         | Browser ext     |
+| 3 | internal.mysite.com| REVIEW  | Essential?                | Internal   | Needs eng input |
+```
+
+Ask the user to confirm, modify, or reject each recommendation before proceeding.
+
+### Phase 5: Push Classifications
+
+For confirmed items, update Transcend using the MCP tools.
+
+For individual updates with notes/descriptions:
+
+```
+consent_update_data_flows {
+  data_flows: [{ id, tracking_purposes, description, service, status: "LIVE" }]
+}
+
+consent_update_cookies {
+  cookies: [{ name, tracking_purposes, description, service, status: "LIVE" }]
+}
+```
+
+For bulk approve/junk without custom descriptions:
+
+```
+consent_bulk_triage {
+  items: [{ type: "data_flow", id, action: "APPROVE", tracking_purposes }]
+}
+```
+
+After pushing, report what was updated and show remaining triage count.
+
+### Phase 6: Loop
+
+Ask the user if they want to continue with the next batch. Repeat from Phase 2
+until the backlog is cleared or the user stops.
+
+## Tracking Purpose Reference
+
+IMPORTANT: Do NOT hardcode purpose names. Each customer configures their own
+purposes. Always use the list from `consent_list_purposes` (fetched in Phase 1).
+
+Common defaults (for reference only -- verify these exist for the customer):
+
+| Purpose     | Typical Use                                         |
+| ----------- | --------------------------------------------------- |
+| Essential   | Required for site to function (auth, security, CMP) |
+| Functional  | Enhanced features (chat, preferences, A/B tests)    |
+| Analytics   | Usage measurement (GA, pageview counters)           |
+| Advertising | Ad serving, targeting, retargeting, header bidding  |
+| SaleOfInfo  | Data sold/shared with third parties for their use   |
+
+Customers may have added custom purposes, renamed defaults, or removed some.
+Only recommend purposes that exist in the customer's configuration. If research
+suggests a purpose that doesn't exist for this customer, flag it for the user
+and suggest the closest match from their available purposes.
+
+Items can have multiple purposes (e.g. `["Advertising", "Analytics"]`).
+
+## Junk Indicators
+
+Mark as JUNK if the tracker is:
+
+- From a browser extension (e.g. Grammarly, LastPass, ad blockers injecting)
+- Malware/unwanted injection not placed by the site operator
+- Clearly a development/testing artifact
+- A subdomain variant of an already-approved regex rule
diff --git a/.cursor/skills/consent-triage/docs-reference.md b/.cursor/skills/consent-triage/docs-reference.md
new file mode 100644
index 00000000..8db99f99
--- /dev/null
+++ b/.cursor/skills/consent-triage/docs-reference.md
@@ -0,0 +1,99 @@
+# Transcend Consent Documentation Reference
+
+Read these docs before beginning a triage session to understand the full context.
+
+## Key Documentation Links
+
+| Doc                           | URL                                                                                                         | When to Read                       |
+| ----------------------------- | ----------------------------------------------------------------------------------------------------------- | ---------------------------------- |
+| Triage Guide                  | https://docs.transcend.io/docs/articles/consent-management/configuration/triage-cookies-and-dataflows-guide | Before starting any triage         |
+| Debugging & Testing           | https://docs.transcend.io/docs/articles/consent-management/reference/debugging-and-testing                  | Before live site investigation     |
+| Troubleshooting               | https://docs.transcend.io/docs/articles/consent-management/reference/troubleshoot-consent                   | When investigation hits issues     |
+| Data Flows & Cookies Overview | https://docs.transcend.io/docs/articles/consent-management/concepts/data-flows-and-cookies                  | Background on how telemetry works  |
+| Tracking Purposes             | https://docs.transcend.io/docs/articles/consent-management/concepts/tracking-purposes                       | Understanding purpose taxonomy     |
+| Regional Experiences          | https://docs.transcend.io/docs/articles/consent-management/configuration/regional-experiences               | Understanding regime configuration |
+| Telemetry Overview            | https://docs.transcend.io/docs/articles/consent-management/configuration/telemetry-overview                 | How trackers are discovered        |
+
+## URL Override Parameters for Testing
+
+Load a site with hash parameters to control consent behavior without changing
+configuration. These are critical for live site investigation.
+
+```
+https://{site}/#tcm-regime={regime_name}&tcm-prompt=Hidden&log=*
+```
+
+| Parameter          | Description                     | Example                                |
+| ------------------ | ------------------------------- | -------------------------------------- |
+| `tcm-regime`       | Force a specific privacy regime | `GDPR+-+Standard`, `CCPA`, `No+Regime` |
+| `tcm-prompt`       | Control UI behavior             | `Hidden` (suppress banner)             |
+| `log`              | Enable debug logging            | `*` (all logs)                         |
+| `data-report-only` | Override regulation mode        | `off` (enforce blocking)               |
+
+### Choosing the Right Regime Override
+
+Goal: Load the page in a state where all non-essential trackers are **allowed**
+so you can observe them firing.
+
+1. Fetch regimes with `consent_list_regimes` -- this returns real consent
+   experience data including purposes, optedOutPurposes, regions, and viewState
+2. Find the most permissive regime (fewest opted-out purposes, or where most
+   purposes default to opted-in)
+3. If no regime allows everything, use any regime and then opt in manually:
+
+```javascript
+airgap.optIn(Object.fromEntries(airgap.getRegimePurposes().map((p) => [p, true])));
+```
+
+4. Verify: `airgap.getConsent().purposes` -- all should be `true` or `"Auto"`
+
+## Useful Console Commands
+
+| Command                                           | Purpose                                                      |
+| ------------------------------------------------- | ------------------------------------------------------------ |
+| `airgap.getConsent().purposes`                    | Current consent state per purpose                            |
+| `airgap.getRegimes()`                             | Active regime(s) for this session                            |
+| `airgap.getRegimePurposes()`                      | Purposes regulated under current regime                      |
+| `await airgap.getPurposes('{url}')`               | What purposes a URL is classified under                      |
+| `await airgap.isAllowed('{url}')`                 | Whether a URL is currently allowed                           |
+| `await airgap.isCookieAllowed({name:'{name}'})`   | Whether a cookie is allowed                                  |
+| `await airgap.getCookiePurposes({name:'{name}'})` | Cookie's assigned purposes                                   |
+| `airgap.export().requests`                        | Quarantined requests                                         |
+| `airgap.export().cookies`                         | Quarantined cookies                                          |
+| `airgap.export().sentRequests`                    | Requests detected as sent (needs `data-monitoring="export"`) |
+| `airgap.export().setCookies`                      | Cookies detected as set (needs `data-monitoring="export"`)   |
+| `airgap.loadOptions.reportOnly`                   | Whether report-only mode is active                           |
+| `airgap.version`                                  | Current airgap version                                       |
+
+## External Research Tools
+
+| Tool                | URL                                | Use For                        |
+| ------------------- | ---------------------------------- | ------------------------------ |
+| CookieDatabase.org  | https://cookiedatabase.org/        | Cookie name lookup             |
+| better.fyi trackers | https://better.fyi/trackers/       | Domain-to-company lookup       |
+| Ghostery TrackerDB  | https://www.ghostery.com/trackerdb | Tracker classification         |
+| Cookiepedia         | https://cookiepedia.co.uk/         | Cookie purpose database        |
+| BuiltWith           | https://builtwith.com/             | Identify site technology stack |
+| urlscan.io          | https://urlscan.io/                | Domain/infrastructure analysis |
+
+## MCP Tools Quick Reference
+
+All tools auto-resolve the airgap bundle ID from the API key. You never need
+to pass `airgap_bundle_id`.
+
+### Read-only (safe to call anytime)
+
+- `consent_list_airgap_bundles` -- get consent manager info (bundle ID, URLs, config)
+- `consent_get_triage_stats` -- backlog overview (supports `show_zero_activity` filter)
+- `consent_list_purposes` -- available tracking purposes
+- `consent_list_regimes` -- consent experiences with regions, purposes, opted-out purposes
+- `consent_list_cookies { status: "NEEDS_REVIEW" }` -- cookies needing review (paginated)
+- `consent_list_cookies { status: "LIVE" }` -- approved cookies
+- `consent_list_data_flows { status: "NEEDS_REVIEW" }` -- data flows needing review (paginated)
+- `consent_list_data_flows { status: "LIVE" }` -- approved data flows
+
+### Write (require user confirmation before calling)
+
+- `consent_update_cookies` -- update individual cookies (purposes, description, status, service)
+- `consent_update_data_flows` -- update individual data flows
+- `consent_bulk_triage` -- bulk approve or junk multiple items at once
diff --git a/.gitignore b/.gitignore
index 2ba7ee91..0590eb68 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,10 +1,11 @@
 .DS_Store
 .pnpm-store
 .turbo
+.worktrees
 coverage
 dist
 mise.local.lock
 mise.local.toml
 node_modules
 *.tsbuildinfo
-secret.env
\ No newline at end of file
+secret.env
diff --git a/packages/mcp/mcp-server-consent/src/prompts/consent_inspect_site.ts b/packages/mcp/mcp-server-consent/src/prompts/consent_inspect_site.ts
new file mode 100644
index 00000000..f093bbbf
--- /dev/null
+++ b/packages/mcp/mcp-server-consent/src/prompts/consent_inspect_site.ts
@@ -0,0 +1,287 @@
+import type { PromptDefinition } from '@transcend-io/mcp-server-core';
+
+export const consentInspectSitePrompt: PromptDefinition = {
+  name: 'consent-inspect-site',
+  description:
+    'Live site investigation methodology for consent triage using browser DevTools. ' +
+    'Covers regime overrides, consent verification, performance entries, HTML search, ' +
+    'ad infrastructure checks, and airgap classification queries.',
+  arguments: [
+    {
+      name: 'site_url',
+      description: 'The site to investigate (e.g. "https://example.com")',
+      required: true,
+    },
+    {
+      name: 'tracker_domains',
+      description:
+        'Comma-separated tracker domains to look for (e.g. "doubleclick.net,google-analytics.com")',
+      required: true,
+    },
+    {
+      name: 'regime',
+      description:
+        'The most permissive regime name for URL override (e.g. "us"). ' +
+        'Choose the regime with fewest opted-out purposes so trackers fire.',
+      required: false,
+    },
+  ],
+  handler: (args) => {
+    const siteUrl = args.site_url || '(not specified)';
+    const trackerDomains = args.tracker_domains || '(not specified)';
+    const regime = args.regime || 'us';
+    const domainList = trackerDomains
+      .split(',')
+      .map((d) => d.trim())
+      .filter(Boolean);
+    const domainArrayLiteral = JSON.stringify(domainList);
+
+    return [
+      {
+        role: 'user',
+        content: {
+          type: 'text',
+          text:
+            `Investigate how these trackers load on ${siteUrl}: ${trackerDomains}. ` +
+            `Use regime "${regime}" for debug overrides.`,
+        },
+      },
+      {
+        role: 'assistant',
+        content: {
+          type: 'text',
+          text: `## Live Site Investigation
+
+### Important: Platform vs Client Sites
+
+The bundle name (e.g. "acme-platform") may be a platform provider, not the actual
+site with trackers. If the main domain is a corporate page without ad trackers, find a
+real client site from links on the homepage and use that instead.
+
+### Step 1: Navigate with Debug Overrides
+
+Load the page with hash parameters to control consent behavior:
+
+\`\`\`
+${siteUrl}/#tcm-regime=${regime}&tcm-prompt=Hidden&log=*
+\`\`\`
+
+| Parameter | Purpose |
+|-----------|---------|
+| \`tcm-regime=${regime}\` | Force the most permissive privacy regime |
+| \`tcm-prompt=Hidden\` | Suppress the consent banner |
+| \`log=*\` | Enable verbose airgap debug logging |
+
+Reference: https://docs.transcend.io/docs/articles/consent-management/reference/debugging-and-testing
+
+### Step 2: Verify Consent State
+
+\`\`\`javascript
+(() => {
+  if (!window.airgap) return 'airgap not loaded';
+  return JSON.stringify({
+    regimes: airgap.getRegimes(),
+    purposes: airgap.getConsent().purposes,
+    regimePurposes: airgap.getRegimePurposes(),
+  }, null, 2);
+})()
+\`\`\`
+
+All purposes should be \`true\` or \`"Auto"\`. If not, opt in manually:
+
+\`\`\`javascript
+(() => {
+  airgap.optIn(Object.fromEntries(
+    airgap.getRegimePurposes().map(p => [p, true])
+  ));
+  return JSON.stringify(airgap.getConsent().purposes);
+})()
+\`\`\`
+
+### Step 3: Check Performance Entries for Tracker Domains
+
+\`\`\`javascript
+(() => {
+  const domains = ${domainArrayLiteral};
+  const entries = performance.getEntriesByType('resource');
+  const results = {};
+  for (const d of domains) {
+    results[d] = entries.filter(e => e.name.includes(d)).map(e => ({
+      url: e.name,
+      initiator: e.initiatorType,
+      duration: Math.round(e.duration),
+      size: e.transferSize,
+    }));
+  }
+  return JSON.stringify(results, null, 2);
+})()
+\`\`\`
+
+### Step 4: Search Page HTML
+
+\`\`\`javascript
+(() => {
+  const terms = ${domainArrayLiteral};
+  const html = document.documentElement.outerHTML;
+  const results = {};
+  for (const term of terms) {
+    const matches = [];
+    let i = 0;
+    while ((i = html.indexOf(term, i)) !== -1) {
+      matches.push(html.substring(Math.max(0, i - 100), Math.min(html.length, i + 100)));
+      i += term.length;
+      if (matches.length > 3) break;
+    }
+    results[term] = { count: matches.length, samples: matches };
+  }
+  return JSON.stringify(results, null, 2);
+})()
+\`\`\`
+
+### Step 5: Identify Ad Infrastructure
+
+\`\`\`javascript
+(() => {
+  const scripts = Array.from(document.querySelectorAll('script[src]')).map(s => s.src);
+  // Non-exhaustive list of common ad tech scripts; look for any third-party ad scripts beyond these
+  const adScripts = scripts.filter(s =>
+    s.includes('prebid') || s.includes('gpt.js') || s.includes('googletag') ||
+    s.includes('taboola') || s.includes('criteo') || s.includes('amazon-adsystem') ||
+    s.includes('adsbygoogle') || s.includes('doubleclick')
+  );
+  const adDivs = Array.from(document.querySelectorAll(
+    '[data-prebid], [data-ad], [data-ad-slot], [data-ad-unit], [id*="ad-slot"], [id*="ad-unit"], [class*="ad-container"]'
+  ));
+  const adSlots = adDivs.map(d => ({
+    tag: d.tagName, id: d.id, class: d.className?.substring(0, 60),
+    dataSizes: d.getAttribute('data-sizes'),
+    dataPrebid: d.getAttribute('data-prebid'),
+    dataTargeting: d.getAttribute('data-targeting'),
+  }));
+  const iframes = Array.from(document.querySelectorAll('iframe'));
+  const adIframes = iframes.filter(f => f.title?.includes('ad') || f.id?.includes('ad'));
+  return JSON.stringify({
+    adScripts,
+    adSlotCount: adSlots.length,
+    adSlotSamples: adSlots.slice(0, 5),
+    adIframes: adIframes.map(f => ({
+      id: f.id, src: f.src?.substring(0, 150), title: f.title,
+    })),
+  }, null, 2);
+})()
+\`\`\`
+
+### Step 6: Check Inline Initialization Scripts
+
+\`\`\`javascript
+(() => {
+  const scripts = Array.from(document.querySelectorAll('script:not([src])'));
+  const adInline = scripts.filter(s =>
+    s.textContent.includes('prebid') || s.textContent.includes('googletag') ||
+    s.textContent.includes('adsbygoogle') || s.textContent.includes('criteo') ||
+    s.textContent.includes('taboola')
+  );
+  return JSON.stringify(adInline.map(s => ({
+    parent: s.parentElement?.tagName,
+    preview: s.textContent.substring(0, 500),
+  })), null, 2);
+})()
+\`\`\`
+
+### Step 7: Check Window Globals and Ad Config
+
+\`\`\`javascript
+(() => {
+  const knownAdGlobals = ['pbjs', 'googletag', '__tcfapi', '__gpp', '__cmp',
+    'adsbygoogle', '_taboola', 'criteo_q', 'apstag'];
+  const adGlobals = Object.keys(window).filter(k =>
+    knownAdGlobals.some(g => k.toLowerCase().includes(g.toLowerCase()))
+  );
+  const configs = {};
+  for (const g of adGlobals) {
+    try {
+      const val = window[g];
+      if (val && typeof val === 'object') {
+        configs[g] = JSON.stringify(val).substring(0, 500);
+      }
+    } catch {}
+  }
+  return JSON.stringify({ adGlobals, configs }, null, 2);
+})()
+\`\`\`
+
+### Step 8: Check Airgap Classification Per Tracker
+
+\`\`\`javascript
+(async () => {
+  if (!window.airgap) return 'airgap not loaded';
+  const domains = ${domainArrayLiteral};
+  const results = {};
+  for (const d of domains) {
+    try {
+      const purposes = await airgap.getPurposes('https://' + d + '/');
+      const allowed = await airgap.isAllowed('https://' + d + '/');
+      results[d] = { purposes, allowed };
+    } catch (e) { results[d] = { error: e.message }; }
+  }
+  return JSON.stringify(results, null, 2);
+})()
+\`\`\`
+
+### Step 9: Read Console Logs
+
+Read the browser console output. The \`log=*\` override makes airgap emit detailed
+allow/block decisions for every request, including purpose lookups. Search these logs
+for each tracker domain to see how airgap classifies and handles it.
+
+## Useful Console Commands Reference
+
+| Command | Purpose |
+|---------|---------|
+| \`airgap.getConsent().purposes\` | Current consent state per purpose |
+| \`airgap.getRegimes()\` | Active regime(s) for this session |
+| \`airgap.getRegimePurposes()\` | Purposes regulated under current regime |
+| \`await airgap.getPurposes('{url}')\` | What purposes a URL is classified under |
+| \`await airgap.isAllowed('{url}')\` | Whether a URL is currently allowed |
+| \`await airgap.isCookieAllowed({name:'{name}'})\` | Whether a cookie is allowed |
+| \`await airgap.getCookiePurposes({name:'{name}'})\` | Cookie's assigned purposes |
+| \`airgap.export().requests\` | Quarantined requests |
+| \`airgap.export().cookies\` | Quarantined cookies |
+| \`airgap.version\` | Current airgap version |
+
+## Output Format
+
+For each tracker return:
+
+\`\`\`json
+{
+  "domain": "<domain>",
+  "found_on_page": true,
+  "loading_method": "direct_script|tag_manager|iframe|dynamic|not_found",
+  "loaded_by": "<what script or mechanism loads it>",
+  "in_main_document": true,
+  "airgap_purposes": ["Advertising"],
+  "airgap_allowed": true,
+  "ad_infrastructure": "<detected ad chain, e.g. Prebid -> GPT>",
+  "related_config": "<relevant config values>",
+  "notes": "<additional observations>"
+}
+\`\`\`
+
+Also return a site summary:
+
+\`\`\`json
+{
+  "site_investigated": "<actual URL used>",
+  "ad_stack": "<detected stack, e.g. Prebid -> Google Publisher Tags>",
+  "consent_manager": "Transcend CMP",
+  "total_ad_slots": "<count>",
+  "total_scripts": "<count>",
+  "total_iframes": "<count>"
+}
+\`\`\``,
+        },
+      },
+    ];
+  },
+};
diff --git a/packages/mcp/mcp-server-consent/src/prompts/consent_research_tracker.ts b/packages/mcp/mcp-server-consent/src/prompts/consent_research_tracker.ts
new file mode 100644
index 00000000..459e6f6f
--- /dev/null
+++ b/packages/mcp/mcp-server-consent/src/prompts/consent_research_tracker.ts
@@ -0,0 +1,147 @@
+import type { PromptDefinition } from '@transcend-io/mcp-server-core';
+
+export const consentResearchTrackerPrompt: PromptDefinition = {
+  name: 'consent-research-tracker',
+  description:
+    'Research methodology for classifying cookies and data flows. ' +
+    'Covers company identification, privacy policy lookup, CMP database checks, ' +
+    'and structured evidence gathering for consent purpose assignment.',
+  arguments: [
+    {
+      name: 'domain',
+      description: 'The tracker domain or cookie name to research (e.g. "doubleclick.net", "_ga")',
+      required: true,
+    },
+    {
+      name: 'type',
+      description: 'Whether this is a "cookie" or "data_flow" (default: "data_flow")',
+      required: false,
+    },
+    {
+      name: 'available_purposes',
+      description:
+        "Comma-separated list of the customer's configured purposes " +
+        '(e.g. "Essential,Functional,Analytics,Advertising,SaleOfInfo"). ' +
+        'Only recommend purposes from this list.',
+      required: false,
+    },
+  ],
+  handler: (args) => {
+    const domain = args.domain || '(not specified)';
+    const type = args.type || 'data_flow';
+    const purposes = args.available_purposes || '(fetch from consent_list_purposes)';
+
+    return [
+      {
+        role: 'user',
+        content: {
+          type: 'text',
+          text: `Research the ${type} "${domain}" to determine its consent classification. Available purposes: ${purposes}`,
+        },
+      },
+      {
+        role: 'assistant',
+        content: {
+          type: 'text',
+          text: `## Research Methodology
+
+For each tracker or cookie, follow these steps in order:
+
+### Step 1: Company Identification
+
+Search the root domain (strip subdomains for broader matches) to find the operating company.
+Check for recent acquisitions or rebrands — ad tech companies frequently change ownership.
+
+### Step 2: First-Party Privacy Docs
+
+Find and read the company's privacy policy and/or cookie policy. Look for:
+- How they classify their own tracking
+- What data they collect
+- Stated purposes for data processing
+- Data retention periods
+
+### Step 3: Service Description
+
+Understand the business model:
+- Ad tech (DSP, SSP, ad exchange, header bidding)?
+- Analytics (pageview counters, session recording, A/B testing)?
+- CMP (consent management platform)?
+- CDN / performance (content delivery, image optimization)?
+- Functional (chat, support, preferences, authentication)?
+- Data broker (selling/sharing data with third parties)?
+
+### Step 4: CMP Database Lookups
+
+Search these databases for existing classifications:
+
+| Database | URL | Use For |
+|----------|-----|---------|
+| CookieDatabase.org | https://cookiedatabase.org/ | Cookie name lookup |
+| better.fyi trackers | https://better.fyi/trackers/ | Domain-to-company lookup |
+| Ghostery TrackerDB | https://www.ghostery.com/trackerdb | Tracker classification |
+| Cookiepedia | https://cookiepedia.co.uk/ | Cookie purpose database |
+| BuiltWith | https://builtwith.com/ | Site technology stack |
+| urlscan.io | https://urlscan.io/ | Domain/infrastructure analysis |
+
+### Step 5: Third-Party Cookie Policies
+
+Find other companies' published cookie policies that classify this same tracker/service.
+Multiple independent classifications strengthen confidence.
+
+### Step 6: Essential vs Non-Essential Determination
+
+Based on all evidence:
+- Would the site break without this tracker? (Essential)
+- Is it required for core functionality like auth, security, or the CMP itself? (Essential)
+- Does it enhance features without being required? (Functional)
+- Does it measure usage or behavior? (Analytics)
+- Does it serve, target, or retarget ads? (Advertising)
+- Is data sold or shared with third parties for their own use? (SaleOfInfo)
+
+Items can have multiple purposes (e.g. ["Advertising", "Analytics"] for an ad platform
+that also tracks impressions).
+
+IMPORTANT: Only recommend purposes from the customer's configured list. If research
+suggests a purpose that doesn't exist for this customer, flag it and suggest the closest
+available match.
+
+## Junk Indicators
+
+Mark as JUNK (not a real tracker to classify) if:
+- From a browser extension (Grammarly, LastPass, ad blockers injecting scripts)
+- Malware or unwanted injection not placed by the site operator
+- A development/testing artifact (localhost, staging URLs)
+- A subdomain variant of an already-approved regex rule
+
+## Confidence Levels
+
+- **High**: First-party docs confirm, OR multiple CMPs agree, OR well-known tracker
+- **Medium**: Some evidence but no definitive first-party documentation
+- **Low**: No docs found, best-guess only — flag for manual review
+
+## Output Format
+
+Return a structured finding for each item:
+
+\`\`\`json
+{
+  "domain": "<domain or cookie name>",
+  "company_name": "<identified company>",
+  "company_description": "<what the company does, 1-2 sentences>",
+  "service_url": "<company homepage>",
+  "specific_product": "<what product/feature this domain serves>",
+  "recommended_purposes": ["Advertising"],
+  "confidence": "High",
+  "is_junk": false,
+  "evidence_summary": "<2-3 sentence summary with key facts>",
+  "sources": ["<url1>", "<url2>"],
+  "suggested_description": "<one-line description to save as Transcend note>",
+  "first_party_privacy_url": "<URL of their privacy/cookie policy if found>",
+  "other_cmps_classify_as": "<what other CMPs say>"
+}
+\`\`\``,
+        },
+      },
+    ];
+  },
+};
diff --git a/packages/mcp/mcp-server-consent/src/prompts/consent_triage.ts b/packages/mcp/mcp-server-consent/src/prompts/consent_triage.ts
new file mode 100644
index 00000000..691342e9
--- /dev/null
+++ b/packages/mcp/mcp-server-consent/src/prompts/consent_triage.ts
@@ -0,0 +1,139 @@
+import type { PromptDefinition } from '@transcend-io/mcp-server-core';
+
+export const consentTriagePrompt: PromptDefinition = {
+  name: 'consent-triage',
+  description:
+    'Systematically triage cookies and data flows discovered by Transcend consent telemetry. ' +
+    'Walks through setup, batch fetching, research, review, and classification push.',
+  arguments: [
+    {
+      name: 'triage_type',
+      description: 'What to triage: "cookies", "data_flows", or "both" (default: "both")',
+      required: false,
+    },
+    {
+      name: 'batch_size',
+      description: 'Number of items per batch (default: 10)',
+      required: false,
+    },
+  ],
+  handler: (args) => {
+    const triageType = args.triage_type || 'both';
+    const batchSize = args.batch_size || '10';
+
+    return [
+      {
+        role: 'user',
+        content: {
+          type: 'text',
+          text: `Triage ${triageType === 'both' ? 'cookies and data flows' : triageType} in batches of ${batchSize}, sorted by highest traffic first.`,
+        },
+      },
+      {
+        role: 'assistant',
+        content: {
+          type: 'text',
+          text: `I'll walk through the consent triage workflow. Here's how it works:
+
+## Phase 1: Setup
+
+Gather the customer's consent configuration by calling these tools in parallel:
+
+1. \`consent_list_airgap_bundles\` — get the consent manager info (bundle ID is auto-resolved)
+2. \`consent_get_triage_stats\` — backlog overview
+3. \`consent_list_purposes\` — the customer's configured tracking purposes
+4. \`consent_list_regimes\` — consent experiences with regions, purposes, and opt-out defaults
+
+CRITICAL: Each customer configures their own purposes. Do NOT assume defaults exist. Only use purposes returned by \`consent_list_purposes\` for classification.
+
+From the regimes data, determine:
+- Which purposes can be opted out of per experience
+- Which purposes default to opted-out
+- The most permissive regime (fewest opted-out purposes) — needed for live site investigation
+
+Present the customer's setup:
+
+| Purpose | Slug | Used in Regimes |
+|---------|------|-----------------|
+| (from API) | (from API) | (cross-ref with regimes) |
+
+Present triage stats:
+
+| Metric | Cookies | Data Flows |
+|--------|---------|------------|
+| Needs Review | X | Y |
+| Live (Approved) | X | Y |
+| Junk | X | Y |
+
+## Phase 2: Fetch Batch
+
+Fetch the next batch of items needing review, sorted by highest traffic:
+
+${triageType === 'cookies' || triageType === 'both' ? '- `consent_list_cookies { status: "NEEDS_REVIEW", limit: ' + batchSize + ', order_field: "occurrences", order_direction: "DESC" }`' : ''}
+${triageType === 'data_flows' || triageType === 'both' ? '- `consent_list_data_flows { status: "NEEDS_REVIEW", limit: ' + batchSize + ', order_field: "occurrences", order_direction: "DESC" }`' : ''}
+
+Present in this table format:
+
+| # | Name/Domain | Type | Service | Auto-Purposes | Occurrences | Sites | First Seen |
+|---|-------------|------|---------|---------------|-------------|-------|------------|
+
+## Phase 3: Research
+
+For each item in the batch, research its purpose using web search and CMP databases.
+Use the \`consent-research-tracker\` prompt for detailed research methodology.
+If browser/DevTools access is available, use the \`consent-inspect-site\` prompt for live site investigation.
+
+Split items into parallel research groups of 3–5 items each for efficiency.
+
+## Phase 4: Present Findings
+
+For each researched item, present:
+
+### {name/domain}
+| Field | Value |
+|-------|-------|
+| Type | Cookie / Data Flow (HOST/REGEX) |
+| Domain | \`example.com\` |
+| Service | Service Name (or "Unknown") |
+| Current Purposes | What Transcend auto-classified (if any) |
+| Recommended Purpose | Research-based recommendation |
+| Confidence | High / Medium / Low |
+| How Loaded | Direct script / Tag manager / iframe / Dynamic |
+| Occurrences | N |
+| Evidence | Brief summary + source URLs |
+| Recommended Action | APPROVE with purposes / JUNK / NEEDS MANUAL REVIEW |
+| Suggested Note | Description to save to Transcend |
+
+Then show a summary action table:
+
+| # | Name/Domain | Action | Purposes | Service | Note |
+|---|-------------|--------|----------|---------|------|
+
+Ask the user to confirm, modify, or reject each recommendation before proceeding.
+
+## Phase 5: Push Classifications
+
+For confirmed items, update Transcend:
+
+- Individual updates with notes: \`consent_update_data_flows\` / \`consent_update_cookies\` with id, tracking_purposes, description, service, status: "LIVE"
+- Bulk approve/junk: \`consent_bulk_triage\` with items array containing type, id, action, tracking_purposes
+- Mark junk items with action "JUNK" (no purposes needed)
+
+After pushing, report what was updated and show the remaining triage count.
+
+## Phase 6: Loop
+
+Ask the user if they want to continue with the next batch. Repeat from Phase 2.
+
+## Key References
+
+- Triage guide: https://docs.transcend.io/docs/articles/consent-management/configuration/triage-cookies-and-dataflows-guide
+- Data flows & cookies: https://docs.transcend.io/docs/articles/consent-management/concepts/data-flows-and-cookies
+- Tracking purposes: https://docs.transcend.io/docs/articles/consent-management/concepts/tracking-purposes
+- Regional experiences: https://docs.transcend.io/docs/articles/consent-management/configuration/regional-experiences
+- Telemetry overview: https://docs.transcend.io/docs/articles/consent-management/configuration/telemetry-overview`,
+        },
+      },
+    ];
+  },
+};
diff --git a/packages/mcp/mcp-server-consent/src/prompts/index.ts b/packages/mcp/mcp-server-consent/src/prompts/index.ts
new file mode 100644
index 00000000..4e6c18d0
--- /dev/null
+++ b/packages/mcp/mcp-server-consent/src/prompts/index.ts
@@ -0,0 +1,15 @@
+import type { PromptDefinition, ToolClients } from '@transcend-io/mcp-server-core';
+
+import { consentInspectSitePrompt } from './consent_inspect_site.js';
+import { consentResearchTrackerPrompt } from './consent_research_tracker.js';
+import { consentTriagePrompt } from './consent_triage.js';
+
+/**
+ * Returns all consent prompt definitions.
+ * The clients arg is accepted for API consistency with getTools,
+ * but prompts don't currently need API access (they return static guidance).
+ */
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+export function getConsentPrompts(_clients: ToolClients): PromptDefinition[] {
+  return [consentTriagePrompt, consentResearchTrackerPrompt, consentInspectSitePrompt];
+}
diff --git a/packages/mcp/mcp-server-consent/src/resources/classification_guide.ts b/packages/mcp/mcp-server-consent/src/resources/classification_guide.ts
new file mode 100644
index 00000000..3c37366e
--- /dev/null
+++ b/packages/mcp/mcp-server-consent/src/resources/classification_guide.ts
@@ -0,0 +1,63 @@
+import type { ResourceDefinition } from '@transcend-io/mcp-server-core';
+
+export const classificationGuideResource: ResourceDefinition = {
+  uri: 'consent://classification-guide',
+  name: 'Consent Classification Guide',
+  description:
+    'Reference guide for classifying cookies and data flows into tracking purposes. ' +
+    'Covers purpose definitions, junk indicators, and confidence levels.',
+  mimeType: 'text/markdown',
+  handler: () => `# Consent Classification Guide
+
+## Tracking Purpose Reference
+
+IMPORTANT: Each customer configures their own tracking purposes. The table below shows
+common defaults for reference only. Always verify against the customer's actual
+configuration by calling \`consent_list_purposes\` before classifying.
+
+| Purpose | Typical Use | Examples |
+|---------|-------------|---------|
+| Essential | Required for the site to function — auth, security, CMP, CDN, load balancing | Session cookies, CSRF tokens, Transcend airgap.js, Cloudflare |
+| Functional | Enhanced features that improve UX but aren't strictly required | Live chat widgets, user preferences, A/B testing, embedded media players |
+| Analytics | Usage measurement and behavioral analysis | Google Analytics, Adobe Analytics, Heap, Mixpanel, pageview counters |
+| Advertising | Ad serving, targeting, retargeting, header bidding, impression tracking | Google Ads, DoubleClick, Prebid, Amazon Ads, Criteo, Taboola |
+| SaleOfInfo | Data sold to or shared with third parties for their own independent use | Data brokers, cross-site behavioral profiles, third-party data enrichment |
+
+### Multiple Purposes
+
+Items can have multiple purposes. Common combinations:
+- \`["Advertising", "Analytics"]\` — ad platform that also tracks impressions/conversions
+- \`["Advertising", "SaleOfInfo"]\` — ad network that shares data with third parties
+- \`["Functional", "Analytics"]\` — A/B testing tool that measures engagement
+
+### Essential Checklist
+
+Before classifying something as Essential, verify ALL of these:
+- The site would break or be unusable without it
+- It serves a core technical function (not just "nice to have")
+- It does not collect behavioral data for marketing purposes
+- Examples: authentication tokens, shopping cart state, language preferences set by the user, CMP scripts, CDN resources
+
+## Junk Indicators
+
+Mark as JUNK if the tracker is:
+
+| Indicator | Example |
+|-----------|---------|
+| Browser extension injection | Grammarly, LastPass, Honey, ad blocker scripts |
+| Malware / unwanted injection | Unknown scripts not placed by site operator |
+| Development / testing artifact | localhost URLs, staging environment trackers |
+| Duplicate of existing rule | Subdomain variant already covered by an approved regex rule |
+
+When in doubt, check if the tracker appears on multiple unrelated sites. Extension-injected
+trackers typically appear across many different sites with no logical connection.
+
+## Confidence Levels
+
+| Level | Criteria | Action |
+|-------|----------|--------|
+| High | First-party privacy docs confirm the purpose, OR multiple independent CMPs agree, OR it's a well-known tracker (e.g. Google Analytics = Analytics) | Safe to approve |
+| Medium | Some evidence found but no definitive first-party documentation; classification based on company business model and third-party references | Approve with note, flag for future review |
+| Low | No documentation found; classification is a best guess based on domain name or limited context | Flag for manual review — do not auto-approve |
+`,
+};
diff --git a/packages/mcp/mcp-server-consent/src/resources/index.ts b/packages/mcp/mcp-server-consent/src/resources/index.ts
new file mode 100644
index 00000000..5d595db1
--- /dev/null
+++ b/packages/mcp/mcp-server-consent/src/resources/index.ts
@@ -0,0 +1,13 @@
+import type { ResourceDefinition, ToolClients } from '@transcend-io/mcp-server-core';
+
+import { classificationGuideResource } from './classification_guide.js';
+
+/**
+ * Returns all consent resource definitions.
+ * The clients arg is accepted for API consistency with getTools,
+ * but resources don't currently need API access.
+ */
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+export function getConsentResources(_clients: ToolClients): ResourceDefinition[] {
+  return [classificationGuideResource];
+}
diff --git a/packages/mcp/mcp-server-core/src/index.ts b/packages/mcp/mcp-server-core/src/index.ts
index 0ce8d67d..b4c35bf8 100644
--- a/packages/mcp/mcp-server-core/src/index.ts
+++ b/packages/mcp/mcp-server-core/src/index.ts
@@ -11,6 +11,15 @@ export { EmptySchema, PaginationSchema } from './validation/schemas.js';
 export type { ToolAnnotations, ToolDefinition, ToolClients } from './tools/types.js';
 export { defineTool } from './tools/types.js';
 
+export type {
+  PromptDefinition,
+  PromptMessage,
+  PromptMessageContent,
+  PromptArgument,
+} from './prompts/types.js';
+
+export type { ResourceDefinition } from './resources/types.js';
+
 export { createToolResult, createErrorResult, createListResult, groupBy } from './tools/helpers.js';
 
 export { createMCPServer } from './server/create-server.js';
diff --git a/packages/mcp/mcp-server-core/src/prompts/types.ts b/packages/mcp/mcp-server-core/src/prompts/types.ts
new file mode 100644
index 00000000..19d2e467
--- /dev/null
+++ b/packages/mcp/mcp-server-core/src/prompts/types.ts
@@ -0,0 +1,47 @@
+/**
+ * Content block within a prompt message. Text-only for now;
+ * the MCP spec also supports image/audio/resource but we don't need those yet.
+ */
+export interface PromptMessageContent {
+  /** Content type */
+  type: 'text';
+  /** Text body */
+  text: string;
+}
+
+/** Single message in a prompt's output sequence. */
+export interface PromptMessage {
+  /** Whose turn this message represents */
+  role: 'user' | 'assistant';
+  /** Content block */
+  content: PromptMessageContent;
+}
+
+/** Declared argument a prompt accepts. */
+export interface PromptArgument {
+  /** Argument name (used as key in the args record) */
+  name: string;
+  /** Human-readable description */
+  description: string;
+  /** Whether the caller must supply this argument */
+  required?: boolean;
+}
+
+/**
+ * A reusable prompt template registered with the MCP server.
+ * Prompts encode workflow guidance that any MCP client can discover
+ * and invoke without embedding it in tool descriptions.
+ */
+export interface PromptDefinition {
+  /** Unique prompt name (kebab-case by convention) */
+  name: string;
+  /** Short description shown in prompts/list */
+  description: string;
+  /** Arguments the prompt accepts */
+  arguments?: PromptArgument[];
+  /**
+   * Returns the message sequence for this prompt.
+   * May be async if it needs to fetch dynamic data (e.g. customer purposes).
+   */
+  handler: (args: Record<string, string>) => PromptMessage[] | Promise<PromptMessage[]>;
+}
diff --git a/packages/mcp/mcp-server-core/src/resources/types.ts b/packages/mcp/mcp-server-core/src/resources/types.ts
new file mode 100644
index 00000000..218967b0
--- /dev/null
+++ b/packages/mcp/mcp-server-core/src/resources/types.ts
@@ -0,0 +1,17 @@
+/**
+ * A read-only resource registered with the MCP server.
+ * Resources expose reference data that clients can pull
+ * into context on demand via resources/read.
+ */
+export interface ResourceDefinition {
+  /** Stable URI (e.g. "consent://classification-guide") */
+  uri: string;
+  /** Human-readable name shown in resources/list */
+  name: string;
+  /** Description of what the resource contains */
+  description: string;
+  /** MIME type of the content (defaults to "text/plain") */
+  mimeType?: string;
+  /** Returns the resource text content. May be async for dynamic data. */
+  handler: () => string | Promise<string>;
+}
diff --git a/packages/mcp/mcp-server-core/src/server/create-server.ts b/packages/mcp/mcp-server-core/src/server/create-server.ts
index 27302cd9..90900eb8 100644
--- a/packages/mcp/mcp-server-core/src/server/create-server.ts
+++ b/packages/mcp/mcp-server-core/src/server/create-server.ts
@@ -1,10 +1,19 @@
 import { Server } from '@modelcontextprotocol/sdk/server/index.js';
 import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
 import { toJsonSchemaCompat } from '@modelcontextprotocol/sdk/server/zod-json-schema-compat.js';
-import { CallToolRequestSchema, ListToolsRequestSchema } from '@modelcontextprotocol/sdk/types.js';
+import {
+  CallToolRequestSchema,
+  GetPromptRequestSchema,
+  ListPromptsRequestSchema,
+  ListResourcesRequestSchema,
+  ListToolsRequestSchema,
+  ReadResourceRequestSchema,
+} from '@modelcontextprotocol/sdk/types.js';
 
 import { SimpleLogger } from '../clients/graphql/base.js';
 import { TranscendRestClient } from '../clients/rest-client.js';
+import type { PromptDefinition } from '../prompts/types.js';
+import type { ResourceDefinition } from '../resources/types.js';
 import { createErrorResult, createToolResult } from '../tools/helpers.js';
 import type { ToolDefinition, ToolClients } from '../tools/types.js';
 
@@ -15,6 +24,10 @@ export interface MCPServerOptions {
   version: string;
   /** Factory that returns tool definitions given API clients */
   getTools: (clients: ToolClients) => ToolDefinition[];
+  /** Optional factory that returns prompt definitions (workflow templates) */
+  getPrompts?: (clients: ToolClients) => PromptDefinition[];
+  /** Optional factory that returns resource definitions (reference data) */
+  getResources?: (clients: ToolClients) => ResourceDefinition[];
   /** Optional custom client factory */
   createClients?: (apiKey: string, sombraUrl: string, graphqlUrl: string) => ToolClients;
 }
@@ -61,10 +74,38 @@ export async function createMCPServer(options: MCPServerOptions): Promise<void>
 
   logger.info(`Registered ${toolMap.size} tools`, { toolCount: toolMap.size });
 
-  const server = new Server(
-    { name: options.name, version: options.version },
-    { capabilities: { tools: {} } },
-  );
+  const prompts = options.getPrompts?.(clients) ?? [];
+  const promptMap = new Map<string, PromptDefinition>();
+  for (const prompt of prompts) {
+    if (promptMap.has(prompt.name)) {
+      logger.warn(`Duplicate prompt name "${prompt.name}" — skipping`);
+      continue;
+    }
+    promptMap.set(prompt.name, prompt);
+  }
+
+  const resources = options.getResources?.(clients) ?? [];
+  const resourceMap = new Map<string, ResourceDefinition>();
+  for (const resource of resources) {
+    if (resourceMap.has(resource.uri)) {
+      logger.warn(`Duplicate resource URI "${resource.uri}" — skipping`);
+      continue;
+    }
+    resourceMap.set(resource.uri, resource);
+  }
+
+  if (promptMap.size > 0) {
+    logger.info(`Registered ${promptMap.size} prompts`, { promptCount: promptMap.size });
+  }
+  if (resourceMap.size > 0) {
+    logger.info(`Registered ${resourceMap.size} resources`, { resourceCount: resourceMap.size });
+  }
+
+  const capabilities: Record<string, Record<string, unknown>> = { tools: {} };
+  if (promptMap.size > 0) capabilities.prompts = {};
+  if (resourceMap.size > 0) capabilities.resources = {};
+
+  const server = new Server({ name: options.name, version: options.version }, { capabilities });
 
   server.setRequestHandler(ListToolsRequestSchema, async () => {
     logger.debug('Listing MCP tools');
@@ -118,6 +159,57 @@ export async function createMCPServer(options: MCPServerOptions): Promise<void>
     }
   });
 
+  if (promptMap.size > 0) {
+    server.setRequestHandler(ListPromptsRequestSchema, async () => {
+      logger.debug('Listing MCP prompts');
+      return {
+        prompts: Array.from(promptMap.values()).map((p) => ({
+          name: p.name,
+          description: p.description,
+          arguments: p.arguments,
+        })),
+      };
+    });
+
+    server.setRequestHandler(GetPromptRequestSchema, async (request) => {
+      const { name, arguments: args } = request.params;
+      logger.info(`Getting prompt: ${name}`);
+      const prompt = promptMap.get(name);
+      if (!prompt) {
+        throw new Error(`Unknown prompt: ${name}`);
+      }
+      const messages = await prompt.handler(args ?? {});
+      return { description: prompt.description, messages };
+    });
+  }
+
+  if (resourceMap.size > 0) {
+    server.setRequestHandler(ListResourcesRequestSchema, async () => {
+      logger.debug('Listing MCP resources');
+      return {
+        resources: Array.from(resourceMap.values()).map((r) => ({
+          uri: r.uri,
+          name: r.name,
+          description: r.description,
+          mimeType: r.mimeType ?? 'text/plain',
+        })),
+      };
+    });
+
+    server.setRequestHandler(ReadResourceRequestSchema, async (request) => {
+      const { uri } = request.params;
+      logger.info(`Reading resource: ${uri}`);
+      const resource = resourceMap.get(uri);
+      if (!resource) {
+        throw new Error(`Unknown resource: ${uri}`);
+      }
+      const text = await resource.handler();
+      return {
+        contents: [{ uri, text, mimeType: resource.mimeType ?? 'text/plain' }],
+      };
+    });
+  }
+
   logger.info(`Starting ${options.name} v${options.version}...`, { toolCount: toolMap.size });
 
   const transport = new StdioServerTransport();
@@ -127,5 +219,7 @@ export async function createMCPServer(options: MCPServerOptions): Promise<void>
     sombraUrl,
     graphqlUrl,
     tools: toolMap.size,
+    prompts: promptMap.size,
+    resources: resourceMap.size,
   });
 }

From b7ae06d7a1b3c100f4f5f4cb3d5ec54856374e61 Mon Sep 17 00:00:00 2001
From: Michael Farrell <mkfrl09@gmail.com>
Date: Thu, 9 Apr 2026 17:12:39 -0700
Subject: [PATCH 03/12] refactor: deduplicate enums and replace inline strings
 with shared privacy-types (#79)

* refactor: deduplicate enums and replace inline strings with shared privacy-types

- Add CookieOrderField, DataFlowOrderField, DataFlowType, TriageAction,
  ConsentTrackerType to @transcend-io/privacy-types
- Create shared schemas.ts in mcp-server-consent and mcp-server-dsr to
  deduplicate z.nativeEnum wrappers (ConsentTrackerStatusEnum,
  OrderDirectionEnum, RequestTypeEnum)
- Replace z.string() with z.nativeEnum() for order_field params in
  consent_list_cookies and consent_list_data_flows
- Replace inline z.enum(['APPROVE','JUNK']) and z.enum(['cookie','data_flow'])
  with shared TriageAction and ConsentTrackerType enums
- Replace z.enum(['DRAFT','PUBLISHED']) with AssessmentFormTemplateStatus
- Replace z.array(z.string()) scopes with z.array(z.nativeEnum(ScopeName))
- Replace z.string() identifierType with z.nativeEnum(IdentifierType) in
  preferences tools
- Add @transcend-io/privacy-types dependency to mcp-server-admin and
  mcp-server-preferences

* chore: add changeset for privacy-types enum additions

* refactor: inline z.nativeEnum, remove shared schemas, enhance admin_create_api_key

- Remove schemas.ts from mcp-server-consent and mcp-server-dsr; inline
  z.nativeEnum() directly in each tool file
- Enrich admin_create_api_key tool description with TRANSCEND_SCOPES
  metadata (title, description, dependency info for every scope)

* revert: keep identifierType as z.string() in preferences tools
---
 .changeset/mcp-enum-audit.md                  | 11 +++
 packages/mcp/mcp-server-admin/package.json    |  1 +
 .../src/tools/admin_create_api_key.ts         | 19 ++++-
 .../src/tools/assessments_create_template.ts  |  3 +-
 packages/mcp/mcp-server-consent/src/index.ts  |  2 -
 .../src/tools/consent_bulk_triage.ts          | 13 ++--
 .../src/tools/consent_list_cookies.ts         | 19 ++---
 .../src/tools/consent_list_data_flows.ts      | 22 +++---
 .../src/tools/consent_update_cookies.ts       |  9 +--
 .../src/tools/consent_update_data_flows.ts    |  9 +--
 packages/mcp/mcp-server-dsr/src/index.ts      |  7 +-
 .../src/tools/dsr_employee_submit.ts          |  4 +-
 .../mcp-server-dsr/src/tools/dsr_submit.ts    |  5 +-
 packages/privacy-types/src/consentManager.ts  | 75 +++++++++++++++++++
 pnpm-lock.yaml                                |  3 +
 15 files changed, 147 insertions(+), 55 deletions(-)
 create mode 100644 .changeset/mcp-enum-audit.md

diff --git a/.changeset/mcp-enum-audit.md b/.changeset/mcp-enum-audit.md
new file mode 100644
index 00000000..d4a62e54
--- /dev/null
+++ b/.changeset/mcp-enum-audit.md
@@ -0,0 +1,11 @@
+---
+'@transcend-io/privacy-types': minor
+'@transcend-io/mcp-server-consent': patch
+'@transcend-io/mcp-server-dsr': patch
+'@transcend-io/mcp-server-admin': patch
+'@transcend-io/mcp-server-assessments': patch
+---
+
+refactor: deduplicate enums and replace inline strings with shared privacy-types
+
+Add CookieOrderField, DataFlowOrderField, DataFlowType, TriageAction, and ConsentTrackerType enums to privacy-types. Replace z.string() tool params with proper enum types (ScopeName, AssessmentFormTemplateStatus). Enrich admin_create_api_key with TRANSCEND_SCOPES metadata.
diff --git a/packages/mcp/mcp-server-admin/package.json b/packages/mcp/mcp-server-admin/package.json
index e1627353..0a9cb4d2 100644
--- a/packages/mcp/mcp-server-admin/package.json
+++ b/packages/mcp/mcp-server-admin/package.json
@@ -39,6 +39,7 @@
   "dependencies": {
     "@modelcontextprotocol/sdk": "catalog:",
     "@transcend-io/mcp-server-core": "workspace:*",
+    "@transcend-io/privacy-types": "workspace:*",
     "zod": "catalog:"
   },
   "devDependencies": {
diff --git a/packages/mcp/mcp-server-admin/src/tools/admin_create_api_key.ts b/packages/mcp/mcp-server-admin/src/tools/admin_create_api_key.ts
index 41973c51..ccf50736 100644
--- a/packages/mcp/mcp-server-admin/src/tools/admin_create_api_key.ts
+++ b/packages/mcp/mcp-server-admin/src/tools/admin_create_api_key.ts
@@ -1,10 +1,18 @@
 import { createToolResult, defineTool, z, type ToolClients } from '@transcend-io/mcp-server-core';
+import { ScopeName, TRANSCEND_SCOPES } from '@transcend-io/privacy-types';
 
 import type { AdminMixin } from '../graphql.js';
 
+const scopeSummary = Object.entries(TRANSCEND_SCOPES)
+  .map(([name, def]) => {
+    const deps = def.dependencies.length > 0 ? ` (requires: ${def.dependencies.join(', ')})` : '';
+    return `- ${name}: ${def.title} — ${def.description}${deps}`;
+  })
+  .join('\n');
+
 export const CreateApiKeySchema = z.object({
   title: z.string().describe('Name/title for the API key'),
-  scopes: z.array(z.string()).describe('Array of permission scopes for the key (ScopeName values)'),
+  scopes: z.array(z.nativeEnum(ScopeName)).describe('Array of permission scopes for the key'),
   data_silos: z
     .array(z.string())
     .optional()
@@ -17,7 +25,14 @@ export function createAdminCreateApiKeyTool(clients: ToolClients) {
   return defineTool({
     name: 'admin_create_api_key',
     description:
-      'Create a new API key with specified scopes. WARNING: The token is only shown once!',
+      'Create a new API key with specified scopes. WARNING: The token is only shown once! ' +
+      'Scopes control what the key can access. Some scopes inherit dependencies — ' +
+      'for example, manageDataMap requires viewDataMap. ' +
+      'Use "readOnly" for view-only access to all resources, or "fullAdmin" for unrestricted access. ' +
+      'Common scopes: manageApiKeys, manageDataMap, manageConsentManager, makeDataSubjectRequest, ' +
+      'connectDataSilos, manageAssessments, manageDataInventory.\n\n' +
+      'Available scopes:\n' +
+      scopeSummary,
     category: 'Admin',
     readOnly: false,
     confirmationHint: 'Creates a new API key with the specified scopes',
diff --git a/packages/mcp/mcp-server-assessments/src/tools/assessments_create_template.ts b/packages/mcp/mcp-server-assessments/src/tools/assessments_create_template.ts
index 75f88d54..a8780459 100644
--- a/packages/mcp/mcp-server-assessments/src/tools/assessments_create_template.ts
+++ b/packages/mcp/mcp-server-assessments/src/tools/assessments_create_template.ts
@@ -6,6 +6,7 @@ import {
   type AssessmentTemplateCreateInput,
   type AssessmentSectionInput,
 } from '@transcend-io/mcp-server-core';
+import { AssessmentFormTemplateStatus } from '@transcend-io/privacy-types';
 
 import type { AssessmentsMixin } from '../graphql.js';
 
@@ -13,7 +14,7 @@ export const CreateTemplateSchema = z.object({
   title: z.string().describe('Title of the assessment form template'),
   description: z.string().optional().describe('Description of the template'),
   status: z
-    .enum(['DRAFT', 'PUBLISHED'])
+    .nativeEnum(AssessmentFormTemplateStatus)
     .optional()
     .describe('Template status: DRAFT or PUBLISHED (default: DRAFT)'),
   sections: z
diff --git a/packages/mcp/mcp-server-consent/src/index.ts b/packages/mcp/mcp-server-consent/src/index.ts
index a0d2c8d6..bfbc85e8 100644
--- a/packages/mcp/mcp-server-consent/src/index.ts
+++ b/packages/mcp/mcp-server-consent/src/index.ts
@@ -37,6 +37,4 @@ export {
   type BulkTriageItemInput,
   BulkTriageSchema,
   type BulkTriageInput,
-  TriageActionEnum,
-  type TriageActionInput,
 } from './tools/consent_bulk_triage.js';
diff --git a/packages/mcp/mcp-server-consent/src/tools/consent_bulk_triage.ts b/packages/mcp/mcp-server-consent/src/tools/consent_bulk_triage.ts
index 8a1e835c..e25dd76c 100644
--- a/packages/mcp/mcp-server-consent/src/tools/consent_bulk_triage.ts
+++ b/packages/mcp/mcp-server-consent/src/tools/consent_bulk_triage.ts
@@ -1,5 +1,9 @@
 import { createToolResult, defineTool, z, type ToolClients } from '@transcend-io/mcp-server-core';
-import { ConsentTrackerStatus } from '@transcend-io/privacy-types';
+import {
+  ConsentTrackerStatus,
+  ConsentTrackerType,
+  TriageAction,
+} from '@transcend-io/privacy-types';
 import {
   UPDATE_OR_CREATE_COOKIES,
   UPDATE_DATA_FLOWS,
@@ -11,13 +15,10 @@ import {
 
 import { resolveAirgapBundleId } from '../resolveAirgapBundleId.js';
 
-export const TriageActionEnum = z.enum(['APPROVE', 'JUNK']);
-export type TriageActionInput = z.infer<typeof TriageActionEnum>;
-
 export const BulkTriageItemSchema = z.object({
-  type: z.enum(['cookie', 'data_flow']).describe('Item type'),
+  type: z.nativeEnum(ConsentTrackerType).describe('Item type'),
   id: z.string().describe('Item ID (for data flows) or cookie name (for cookies)'),
-  action: TriageActionEnum.describe('Action to take: APPROVE or JUNK'),
+  action: z.nativeEnum(TriageAction).describe('Action to take: APPROVE or JUNK'),
   tracking_purposes: z
     .array(z.string())
     .optional()
diff --git a/packages/mcp/mcp-server-consent/src/tools/consent_list_cookies.ts b/packages/mcp/mcp-server-consent/src/tools/consent_list_cookies.ts
index 2e374228..9c223cbd 100644
--- a/packages/mcp/mcp-server-consent/src/tools/consent_list_cookies.ts
+++ b/packages/mcp/mcp-server-consent/src/tools/consent_list_cookies.ts
@@ -1,24 +1,25 @@
 import { createListResult, defineTool, z, type ToolClients } from '@transcend-io/mcp-server-core';
-import { ConsentTrackerStatus, OrderDirection } from '@transcend-io/privacy-types';
+import {
+  ConsentTrackerStatus,
+  CookieOrderField,
+  OrderDirection,
+} from '@transcend-io/privacy-types';
 import { COOKIES, type TranscendCliCookiesResponse } from '@transcend-io/sdk';
 
 import { resolveAirgapBundleId } from '../resolveAirgapBundleId.js';
 
-const ConsentTrackerStatusEnum = z.nativeEnum(ConsentTrackerStatus);
-const OrderDirectionEnum = z.nativeEnum(OrderDirection);
-
 export const ListCookiesSchema = z.object({
   limit: z.number().min(1).max(200).optional().default(50),
   offset: z.number().min(0).optional().default(0),
-  status: ConsentTrackerStatusEnum.describe(
-    'Filter by status: NEEDS_REVIEW (triage) or LIVE (approved)',
-  ),
+  status: z
+    .nativeEnum(ConsentTrackerStatus)
+    .describe('Filter by status: NEEDS_REVIEW (triage) or LIVE (approved)'),
   is_junk: z.boolean().optional().describe('Filter by junk status'),
   show_zero_activity: z.boolean().optional().describe('Include items with zero activity'),
   text: z.string().optional().describe('Search text filter'),
   service: z.string().optional().describe('Filter by service name'),
-  order_field: z.string().optional().describe('Field to sort by: name, createdAt, updatedAt'),
-  order_direction: OrderDirectionEnum.optional().describe('Sort direction: ASC or DESC'),
+  order_field: z.nativeEnum(CookieOrderField).optional().describe('Field to sort by'),
+  order_direction: z.nativeEnum(OrderDirection).optional().describe('Sort direction: ASC or DESC'),
 });
 export type ListCookiesInput = z.infer<typeof ListCookiesSchema>;
 
diff --git a/packages/mcp/mcp-server-consent/src/tools/consent_list_data_flows.ts b/packages/mcp/mcp-server-consent/src/tools/consent_list_data_flows.ts
index b4188aad..b49648a6 100644
--- a/packages/mcp/mcp-server-consent/src/tools/consent_list_data_flows.ts
+++ b/packages/mcp/mcp-server-consent/src/tools/consent_list_data_flows.ts
@@ -1,27 +1,25 @@
 import { createListResult, defineTool, z, type ToolClients } from '@transcend-io/mcp-server-core';
-import { ConsentTrackerStatus, OrderDirection } from '@transcend-io/privacy-types';
+import {
+  ConsentTrackerStatus,
+  DataFlowOrderField,
+  OrderDirection,
+} from '@transcend-io/privacy-types';
 import { DATA_FLOWS, type TranscendCliDataFlowsResponse } from '@transcend-io/sdk';
 
 import { resolveAirgapBundleId } from '../resolveAirgapBundleId.js';
 
-const ConsentTrackerStatusEnum = z.nativeEnum(ConsentTrackerStatus);
-const OrderDirectionEnum = z.nativeEnum(OrderDirection);
-
 export const ListDataFlowsSchema = z.object({
   limit: z.number().min(1).max(200).optional().default(50),
   offset: z.number().min(0).optional().default(0),
-  status: ConsentTrackerStatusEnum.describe(
-    'Filter by status: NEEDS_REVIEW (triage) or LIVE (approved)',
-  ),
+  status: z
+    .nativeEnum(ConsentTrackerStatus)
+    .describe('Filter by status: NEEDS_REVIEW (triage) or LIVE (approved)'),
   is_junk: z.boolean().optional().describe('Filter by junk status'),
   show_zero_activity: z.boolean().optional().describe('Include items with zero activity'),
   text: z.string().optional().describe('Search text filter'),
   service: z.string().optional().describe('Filter by service name'),
-  order_field: z
-    .string()
-    .optional()
-    .describe('Field to sort by: value, createdAt, updatedAt, occurrences, service'),
-  order_direction: OrderDirectionEnum.optional().describe('Sort direction: ASC or DESC'),
+  order_field: z.nativeEnum(DataFlowOrderField).optional().describe('Field to sort by'),
+  order_direction: z.nativeEnum(OrderDirection).optional().describe('Sort direction: ASC or DESC'),
 });
 export type ListDataFlowsInput = z.infer<typeof ListDataFlowsSchema>;
 
diff --git a/packages/mcp/mcp-server-consent/src/tools/consent_update_cookies.ts b/packages/mcp/mcp-server-consent/src/tools/consent_update_cookies.ts
index 987a89c4..f4379d18 100644
--- a/packages/mcp/mcp-server-consent/src/tools/consent_update_cookies.ts
+++ b/packages/mcp/mcp-server-consent/src/tools/consent_update_cookies.ts
@@ -8,8 +8,6 @@ import {
 
 import { resolveAirgapBundleId } from '../resolveAirgapBundleId.js';
 
-const ConsentTrackerStatusEnum = z.nativeEnum(ConsentTrackerStatus);
-
 export const UpdateCookieItemSchema = z.object({
   name: z.string().describe('Cookie name (used as the identifier for upsert)'),
   tracking_purposes: z
@@ -19,9 +17,10 @@ export const UpdateCookieItemSchema = z.object({
   description: z.string().optional().describe('Cookie description'),
   service: z.string().optional().describe('Service/integration name'),
   is_junk: z.boolean().optional().describe('Mark as junk'),
-  status: ConsentTrackerStatusEnum.optional().describe(
-    'Set status to LIVE (approve) or NEEDS_REVIEW',
-  ),
+  status: z
+    .nativeEnum(ConsentTrackerStatus)
+    .optional()
+    .describe('Set status to LIVE (approve) or NEEDS_REVIEW'),
 });
 export type UpdateCookieItemInput = z.infer<typeof UpdateCookieItemSchema>;
 
diff --git a/packages/mcp/mcp-server-consent/src/tools/consent_update_data_flows.ts b/packages/mcp/mcp-server-consent/src/tools/consent_update_data_flows.ts
index d782dbc1..1d1ea76a 100644
--- a/packages/mcp/mcp-server-consent/src/tools/consent_update_data_flows.ts
+++ b/packages/mcp/mcp-server-consent/src/tools/consent_update_data_flows.ts
@@ -8,17 +8,16 @@ import {
 
 import { resolveAirgapBundleId } from '../resolveAirgapBundleId.js';
 
-const ConsentTrackerStatusEnum = z.nativeEnum(ConsentTrackerStatus);
-
 export const UpdateDataFlowItemSchema = z.object({
   id: z.string().describe('Data flow ID'),
   tracking_purposes: z.array(z.string()).optional().describe('Tracking purpose slugs'),
   description: z.string().optional().describe('Data flow description'),
   service: z.string().optional().describe('Service/integration name'),
   is_junk: z.boolean().optional().describe('Mark as junk'),
-  status: ConsentTrackerStatusEnum.optional().describe(
-    'Set status to LIVE (approve) or NEEDS_REVIEW',
-  ),
+  status: z
+    .nativeEnum(ConsentTrackerStatus)
+    .optional()
+    .describe('Set status to LIVE (approve) or NEEDS_REVIEW'),
 });
 export type UpdateDataFlowItemInput = z.infer<typeof UpdateDataFlowItemSchema>;
 
diff --git a/packages/mcp/mcp-server-dsr/src/index.ts b/packages/mcp/mcp-server-dsr/src/index.ts
index c1aa5cd4..73657056 100644
--- a/packages/mcp/mcp-server-dsr/src/index.ts
+++ b/packages/mcp/mcp-server-dsr/src/index.ts
@@ -1,12 +1,7 @@
 export { getDSRTools } from './tools/index.js';
 export { DSRMixin } from './graphql.js';
 
-export {
-  RequestTypeEnum,
-  type RequestTypeInput,
-  submitDsrSchema,
-  type SubmitDsrInput,
-} from './tools/dsr_submit.js';
+export { submitDsrSchema, type SubmitDsrInput } from './tools/dsr_submit.js';
 export {
   employeeSubmitDsrSchema,
   type EmployeeSubmitDsrInput,
diff --git a/packages/mcp/mcp-server-dsr/src/tools/dsr_employee_submit.ts b/packages/mcp/mcp-server-dsr/src/tools/dsr_employee_submit.ts
index ed29d23f..66e8f9fa 100644
--- a/packages/mcp/mcp-server-dsr/src/tools/dsr_employee_submit.ts
+++ b/packages/mcp/mcp-server-dsr/src/tools/dsr_employee_submit.ts
@@ -3,10 +3,8 @@ import { RequestAction } from '@transcend-io/privacy-types';
 
 import type { DSRMixin } from '../graphql.js';
 
-export const RequestTypeEnum = z.nativeEnum(RequestAction);
-
 export const employeeSubmitDsrSchema = z.object({
-  type: RequestTypeEnum.describe('Type of DSR request'),
+  type: z.nativeEnum(RequestAction).describe('Type of DSR request'),
   email: z.string().describe('Email address of the data subject'),
   subjectType: z
     .string()
diff --git a/packages/mcp/mcp-server-dsr/src/tools/dsr_submit.ts b/packages/mcp/mcp-server-dsr/src/tools/dsr_submit.ts
index 8a62a103..52c6652a 100644
--- a/packages/mcp/mcp-server-dsr/src/tools/dsr_submit.ts
+++ b/packages/mcp/mcp-server-dsr/src/tools/dsr_submit.ts
@@ -1,11 +1,8 @@
 import { createToolResult, defineTool, type ToolClients, z } from '@transcend-io/mcp-server-core';
 import { RequestAction } from '@transcend-io/privacy-types';
 
-export const RequestTypeEnum = z.nativeEnum(RequestAction);
-export type RequestTypeInput = z.infer<typeof RequestTypeEnum>;
-
 export const submitDsrSchema = z.object({
-  type: RequestTypeEnum.describe('Type of DSR request'),
+  type: z.nativeEnum(RequestAction).describe('Type of DSR request'),
   email: z.string().describe('Email address of the data subject'),
   subjectType: z
     .string()
diff --git a/packages/privacy-types/src/consentManager.ts b/packages/privacy-types/src/consentManager.ts
index e16124da..9eca3b81 100644
--- a/packages/privacy-types/src/consentManager.ts
+++ b/packages/privacy-types/src/consentManager.ts
@@ -210,3 +210,78 @@ export const DefaultConsentOption = makeEnum({
 
 /** Override type */
 export type DefaultConsentOption = (typeof DefaultConsentOption)[keyof typeof DefaultConsentOption];
+
+/**
+ * Fields by which you can order cookies
+ */
+export const CookieOrderField = makeEnum({
+  /** The name of this cookie */
+  Name: 'name',
+  /** When the cookie was created */
+  CreatedAt: 'createdAt',
+  /** The time the cookie was updated */
+  UpdatedAt: 'updatedAt',
+});
+
+/** Type override */
+export type CookieOrderField = (typeof CookieOrderField)[keyof typeof CookieOrderField];
+
+/**
+ * Fields by which you can order data flows
+ */
+export const DataFlowOrderField = makeEnum({
+  /** The value of this data flow */
+  Value: 'value',
+  /** When the data flow was created */
+  CreatedAt: 'createdAt',
+  /** The time the data flow was updated */
+  UpdatedAt: 'updatedAt',
+  /** The number of occurrences of this data flow */
+  Occurrences: 'occurrences',
+  /** The SaaS tool associated with these data flows */
+  Service: 'service',
+});
+
+/** Type override */
+export type DataFlowOrderField = (typeof DataFlowOrderField)[keyof typeof DataFlowOrderField];
+
+/**
+ * Types of data flows
+ */
+export const DataFlowType = makeEnum({
+  /** URL-based data flow */
+  Url: 'URL',
+  /** Query parameter-based data flow */
+  QueryParam: 'QUERY_PARAM',
+  /** Regular expression-based data flow */
+  RegExp: 'REGEX',
+});
+
+/** Type override */
+export type DataFlowType = (typeof DataFlowType)[keyof typeof DataFlowType];
+
+/**
+ * Triage actions for consent bulk operations
+ */
+export const TriageAction = makeEnum({
+  /** Approve the tracker */
+  Approve: 'APPROVE',
+  /** Mark the tracker as junk */
+  Junk: 'JUNK',
+});
+
+/** Type override */
+export type TriageAction = (typeof TriageAction)[keyof typeof TriageAction];
+
+/**
+ * Discriminator for cookie vs data flow
+ */
+export const ConsentTrackerType = makeEnum({
+  /** Cookie tracker */
+  Cookie: 'cookie',
+  /** Data flow tracker */
+  DataFlow: 'data_flow',
+});
+
+/** Type override */
+export type ConsentTrackerType = (typeof ConsentTrackerType)[keyof typeof ConsentTrackerType];
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 11438f84..b6435bc0 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -349,6 +349,9 @@ importers:
       '@transcend-io/mcp-server-core':
         specifier: workspace:*
         version: link:../mcp-server-core
+      '@transcend-io/privacy-types':
+        specifier: workspace:*
+        version: link:../../privacy-types
       zod:
         specifier: 'catalog:'
         version: 4.3.6

From 8aa3e2579bd43ebf4ce670b25fade3d8a7f32d8d Mon Sep 17 00:00:00 2001
From: Michael Farrell <mike@transcend.io>
Date: Thu, 9 Apr 2026 17:22:52 -0700
Subject: [PATCH 04/12] fix: wire consent prompts and resources into MCP server

- Register getConsentPrompts and getConsentResources in cli.ts createMCPServer call (were defined but never wired up)
- Export getConsentPrompts and getConsentResources from package index
- Remove duplicate .worktrees entry in .gitignore
- Remove unnecessary eslint-disable comments
- Fix conditional blank lines in triage prompt template
---
 .gitignore                                       |  1 -
 packages/mcp/mcp-server-consent/src/cli.ts       |  4 ++++
 packages/mcp/mcp-server-consent/src/index.ts     |  2 ++
 .../src/prompts/consent_triage.ts                | 16 ++++++++++++++--
 .../mcp/mcp-server-consent/src/prompts/index.ts  |  1 -
 .../mcp-server-consent/src/resources/index.ts    |  1 -
 6 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/.gitignore b/.gitignore
index 64869e94..0590eb68 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,4 +9,3 @@ mise.local.toml
 node_modules
 *.tsbuildinfo
 secret.env
-.worktrees
diff --git a/packages/mcp/mcp-server-consent/src/cli.ts b/packages/mcp/mcp-server-consent/src/cli.ts
index 6ec914fe..cb99e9c3 100644
--- a/packages/mcp/mcp-server-consent/src/cli.ts
+++ b/packages/mcp/mcp-server-consent/src/cli.ts
@@ -1,10 +1,14 @@
 #!/usr/bin/env node
 import { createMCPServer } from '@transcend-io/mcp-server-core';
 
+import { getConsentPrompts } from './prompts/index.js';
+import { getConsentResources } from './resources/index.js';
 import { getConsentTools } from './tools/index.js';
 
 createMCPServer({
   name: 'transcend-mcp-consent',
   version: '1.0.0',
   getTools: getConsentTools,
+  getPrompts: getConsentPrompts,
+  getResources: getConsentResources,
 });
diff --git a/packages/mcp/mcp-server-consent/src/index.ts b/packages/mcp/mcp-server-consent/src/index.ts
index bfbc85e8..f2e391dc 100644
--- a/packages/mcp/mcp-server-consent/src/index.ts
+++ b/packages/mcp/mcp-server-consent/src/index.ts
@@ -1,4 +1,6 @@
 export { getConsentTools } from './tools/index.js';
+export { getConsentPrompts } from './prompts/index.js';
+export { getConsentResources } from './resources/index.js';
 export { resolveAirgapBundleId } from './resolveAirgapBundleId.js';
 
 export { GetPreferencesSchema, type GetPreferencesInput } from './tools/consent_get_preferences.js';
diff --git a/packages/mcp/mcp-server-consent/src/prompts/consent_triage.ts b/packages/mcp/mcp-server-consent/src/prompts/consent_triage.ts
index 691342e9..48d7ca4a 100644
--- a/packages/mcp/mcp-server-consent/src/prompts/consent_triage.ts
+++ b/packages/mcp/mcp-server-consent/src/prompts/consent_triage.ts
@@ -69,8 +69,20 @@ Present triage stats:
 
 Fetch the next batch of items needing review, sorted by highest traffic:
 
-${triageType === 'cookies' || triageType === 'both' ? '- `consent_list_cookies { status: "NEEDS_REVIEW", limit: ' + batchSize + ', order_field: "occurrences", order_direction: "DESC" }`' : ''}
-${triageType === 'data_flows' || triageType === 'both' ? '- `consent_list_data_flows { status: "NEEDS_REVIEW", limit: ' + batchSize + ', order_field: "occurrences", order_direction: "DESC" }`' : ''}
+${[
+  triageType === 'cookies' || triageType === 'both'
+    ? '- `consent_list_cookies { status: "NEEDS_REVIEW", limit: ' +
+      batchSize +
+      ', order_field: "occurrences", order_direction: "DESC" }`'
+    : '',
+  triageType === 'data_flows' || triageType === 'both'
+    ? '- `consent_list_data_flows { status: "NEEDS_REVIEW", limit: ' +
+      batchSize +
+      ', order_field: "occurrences", order_direction: "DESC" }`'
+    : '',
+]
+  .filter(Boolean)
+  .join('\n')}
 
 Present in this table format:
 
diff --git a/packages/mcp/mcp-server-consent/src/prompts/index.ts b/packages/mcp/mcp-server-consent/src/prompts/index.ts
index 4e6c18d0..6695415f 100644
--- a/packages/mcp/mcp-server-consent/src/prompts/index.ts
+++ b/packages/mcp/mcp-server-consent/src/prompts/index.ts
@@ -9,7 +9,6 @@ import { consentTriagePrompt } from './consent_triage.js';
  * The clients arg is accepted for API consistency with getTools,
  * but prompts don't currently need API access (they return static guidance).
  */
-// eslint-disable-next-line @typescript-eslint/no-unused-vars
 export function getConsentPrompts(_clients: ToolClients): PromptDefinition[] {
   return [consentTriagePrompt, consentResearchTrackerPrompt, consentInspectSitePrompt];
 }
diff --git a/packages/mcp/mcp-server-consent/src/resources/index.ts b/packages/mcp/mcp-server-consent/src/resources/index.ts
index 5d595db1..9cd01446 100644
--- a/packages/mcp/mcp-server-consent/src/resources/index.ts
+++ b/packages/mcp/mcp-server-consent/src/resources/index.ts
@@ -7,7 +7,6 @@ import { classificationGuideResource } from './classification_guide.js';
  * The clients arg is accepted for API consistency with getTools,
  * but resources don't currently need API access.
  */
-// eslint-disable-next-line @typescript-eslint/no-unused-vars
 export function getConsentResources(_clients: ToolClients): ResourceDefinition[] {
   return [classificationGuideResource];
 }

From 67d48ef21925ba54284dd7cde0519eddc9be38d3 Mon Sep 17 00:00:00 2001
From: Michael Farrell <mike@transcend.io>
Date: Thu, 9 Apr 2026 17:24:15 -0700
Subject: [PATCH 05/12] rev

---
 .gitignore | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.gitignore b/.gitignore
index 0590eb68..34105019 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,11 +1,11 @@
 .DS_Store
 .pnpm-store
 .turbo
-.worktrees
 coverage
 dist
 mise.local.lock
 mise.local.toml
 node_modules
 *.tsbuildinfo
-secret.env
+.worktrees
+secret.env
\ No newline at end of file

From 752540c464e2d765351ea6ec8b00d265a4a6c587 Mon Sep 17 00:00:00 2001
From: Michael Farrell <mike@transcend.io>
Date: Thu, 9 Apr 2026 17:27:56 -0700
Subject: [PATCH 06/12] refactor: deduplicate Cursor skills/agents vs MCP
 prompts/resources

SKILL.md and docs-reference.md duplicated content that is canonically
defined in the MCP prompts and classification-guide resource. Slim the
Cursor-specific files to be orchestration wrappers that reference the
MCP server as the source of truth for workflow details, research
methodology, console commands, and classification guidance.

Agents stay self-contained since subagents need complete instructions.
---
 .cursor/skills/consent-triage/SKILL.md        | 211 +++---------------
 .../skills/consent-triage/docs-reference.md   |  72 +-----
 2 files changed, 42 insertions(+), 241 deletions(-)

diff --git a/.cursor/skills/consent-triage/SKILL.md b/.cursor/skills/consent-triage/SKILL.md
index b4065a66..9ec3b9cd 100644
--- a/.cursor/skills/consent-triage/SKILL.md
+++ b/.cursor/skills/consent-triage/SKILL.md
@@ -13,35 +13,36 @@ description: >-
 Systematically research and classify cookies and data flows discovered by
 Transcend's consent telemetry, then push approved classifications back.
 
-Before starting, read these reference docs:
+Before starting, read the documentation links in
+[docs-reference.md](docs-reference.md).
 
-- [docs-reference.md](docs-reference.md) -- Transcend documentation links and console commands
+## MCP Prompts and Resources
+
+This skill's workflow, research methodology, and classification reference are
+defined as MCP prompts and resources in the consent MCP server. Use them as
+the canonical source of truth:
+
+- **`consent-triage`** prompt -- the full 6-phase workflow (setup, fetch, research, review, push, loop)
+- **`consent-research-tracker`** prompt -- research methodology for classifying a tracker
+- **`consent-inspect-site`** prompt -- live site investigation via browser DevTools
+- **`consent://classification-guide`** resource -- tracking purpose definitions, junk indicators, confidence levels
+
+Invoke these with `CallMcpTool` to get detailed guidance for each phase.
+
+## Cursor-Specific Orchestration
 
 This skill uses two custom agents defined in `.cursor/agents/`:
 
-- **consent-triage-researcher** -- web research for tracker classification
 - **consent-triage-inspector** -- live site investigation via Chrome DevTools
-
-## Workflow
+- **consent-triage-researcher** -- web research for tracker classification
 
 ### Phase 1: Setup
 
-1. Get the consent manager info (the airgap bundle ID is auto-resolved from
-   the API key -- you do not need to pass it to any tool):
+Call these MCP tools in parallel to gather the customer's configuration:
 
 ```
 consent_list_airgap_bundles
-```
-
-2. Get triage stats to show the user the backlog size:
-
-```
 consent_get_triage_stats
-```
-
-3. Fetch the customer's configured tracking purposes and regimes:
-
-```
 consent_list_purposes   -> save as available_purposes
 consent_list_regimes    -> save as configured_regimes
 ```
@@ -50,61 +51,25 @@ This is critical: customers have different purposes configured. Do NOT assume
 the defaults (Essential, Functional, Analytics, Advertising, SaleOfInfo) exist.
 Use ONLY the purposes returned by `consent_list_purposes` for classification.
 
-The regimes tool now returns real consent experience data including:
-
-- Which purposes can be opted out of per experience
-- Which purposes are opted out by default
-- Regions, view state, consent expiry settings
-
-Use this to determine the most permissive regime for live site investigation.
-Build a mapping of purpose -> which regimes use it.
-
-4. Present the customer's setup to the user:
-
-```
-| Purpose         | Slug          | Used in Regimes              |
-|-----------------|---------------|------------------------------|
-| (from API)      | (from API)    | (cross-ref with regimes)     |
-```
-
-5. Present triage stats:
-
-```
-| Metric              | Cookies | Data Flows |
-|---------------------|---------|------------|
-| Needs Review        | X       | Y          |
-| Live (Approved)     | X       | Y          |
-| Junk                | X       | Y          |
-```
+From the regimes data, determine the most permissive regime (fewest opted-out
+purposes) -- needed for live site investigation.
 
-6. Ask the user what to triage (cookies, data flows, or both) and confirm the
-   batch size (default: 10).
+Present the customer's setup and triage stats, then ask what to triage
+(cookies, data flows, or both) and confirm the batch size (default: 10).
 
 ### Phase 2: Fetch Batch
 
-Fetch the next batch of items needing review, sorted by highest traffic first:
+Fetch the next batch of items needing review, sorted by highest traffic:
 
 ```
 consent_list_cookies { status: "NEEDS_REVIEW", limit: <batch_size> }
-
 consent_list_data_flows { status: "NEEDS_REVIEW", limit: <batch_size> }
 ```
 
-Note: `status` is a required parameter. Use `"NEEDS_REVIEW"` for triage
-backlog or `"LIVE"` for approved items. The airgap bundle ID is automatically
-resolved -- do not pass it.
-
-Present the batch in this table format:
-
-```
-| # | Name/Domain | Type | Service | Auto-Purposes | Occurrences | Sites | First Seen |
-|---|-------------|------|---------|---------------|-------------|-------|------------|
-```
-
 ### Phase 3: Research (Parallel Subagents)
 
-Launch the custom agents in parallel. Cursor will auto-delegate to the
-matching agent based on the task description.
+Launch the custom agents in parallel via the Task tool. Cursor will
+auto-delegate to the matching agent based on the task description.
 
 Spawn pattern for a batch of N items:
 
@@ -121,101 +86,20 @@ IMPORTANT: The bundle name (e.g. "acme-platform") may be a platform
 provider, not the actual site with trackers. If the main domain is a corporate
 page, find a real client site from the homepage and use that instead.
 
-Each subagent should perform **two types of investigation**:
-
-**A) Web Research** (use WebSearch/WebFetch):
-
-- Identify the company (strip subdomains for broader matches, check for acquisitions)
-- Research their business model -- ad tech? analytics? CDN? CMP?
-- Fetch their privacy/cookie policy for first-party classification evidence
-- Search CMP databases: cookiedatabase.org, better.fyi/trackers, Ghostery, Cookiepedia
-- Find other companies' cookie policies that classify the same tracker
-- Determine: Essential vs Advertising vs Analytics vs Functional vs SaleOfInfo
-
-**B) Live Site Investigation** (use Chrome DevTools MCP):
-
-- Navigate to a site from the bundle using overrides for debugging:
-  `https://{site}/#tcm-regime={permissive_regime}&tcm-prompt=Hidden&log=*`
-- The regime override should use the most permissive regime where purposes
-  default to opted-in (not blocked). Determine this from Phase 1 regime data.
-  If all regimes block by default, load the page and run:
-  `airgap.optIn(Object.fromEntries(airgap.getRegimePurposes().map(p=>[p,true])))`
-- Then verify consent state: `airgap.getConsent().purposes` -- all should be
-  `true` or `"Auto"` (except block-by-default purposes).
-- Read console logs (`browser_get_console_logs` or DevTools) -- the `log=*`
-  override makes airgap emit detailed logs for every request it evaluates,
-  including allow/block decisions and purpose lookups. Search these logs for
-  the tracker domain to see exactly how airgap classifies and handles it.
-- Search page HTML and performance resource entries for the tracker domain
-- Identify how it loads: direct `<script>`, tag manager, iframe, dynamic injection
-- Inspect ad infrastructure: ad slot divs (`[data-prebid]`, `[data-ad-slot]`), inline
-  initialization scripts, window globals (`pbjs`, `googletag`, `adsbygoogle`)
-- Check ad config objects for consent integration, autoPageviewPixel, siteId, etc.
-- Run `await airgap.getPurposes('{url}')` to see what Transcend classifies it as
-- Run `await airgap.isAllowed('{url}')` to check current regulation status
-
-The consent-triage-inspector agent has all the JS evaluation snippets built in.
-
-Each subagent returns a structured finding per item.
-
 ### Phase 4: Present Findings
 
-Present all research results in review tables. For each item:
-
-```
-### {name/domain}
-| Field              | Value                                           |
-|--------------------|-------------------------------------------------|
-| Type               | Cookie / Data Flow (HOST/REGEX)                 |
-| Domain             | `example.com`                                   |
-| Service            | Service Name (or "Unknown")                     |
-| Current Purposes   | What Transcend auto-classified (if any)          |
-| Recommended Purpose| Your research-based recommendation               |
-| Confidence         | High / Medium / Low                              |
-| How Loaded         | Direct script / Tag manager / iframe / Dynamic   |
-| Sites Seen On      | X all-time, Y last week                         |
-| Occurrences        | N                                                |
-| First/Last Seen    | date / date                                      |
-| Evidence           | Brief summary + source URLs                     |
-| Recommended Action | APPROVE with purposes / JUNK / NEEDS MANUAL REVIEW |
-| Suggested Note     | Description to save to Transcend                 |
-```
-
-Then show a summary action table:
-
-```
-| # | Name/Domain        | Action  | Purposes                  | Service    | Note            |
-|---|--------------------|---------|---------------------------|------------|-----------------|
-| 1 | tracker.example.com| APPROVE | Advertising, Analytics    | ExampleCo  | Ad bidding SDK  |
-| 2 | junk.extension.io  | JUNK    | --                        | --         | Browser ext     |
-| 3 | internal.mysite.com| REVIEW  | Essential?                | Internal   | Needs eng input |
-```
+Present all research results in review tables. See the `consent-triage`
+MCP prompt for the recommended presentation format.
 
-Ask the user to confirm, modify, or reject each recommendation before proceeding.
+Ask the user to confirm, modify, or reject each recommendation before
+proceeding.
 
 ### Phase 5: Push Classifications
 
-For confirmed items, update Transcend using the MCP tools.
-
-For individual updates with notes/descriptions:
-
-```
-consent_update_data_flows {
-  data_flows: [{ id, tracking_purposes, description, service, status: "LIVE" }]
-}
-
-consent_update_cookies {
-  cookies: [{ name, tracking_purposes, description, service, status: "LIVE" }]
-}
-```
+For confirmed items, update Transcend using the MCP tools:
 
-For bulk approve/junk without custom descriptions:
-
-```
-consent_bulk_triage {
-  items: [{ type: "data_flow", id, action: "APPROVE", tracking_purposes }]
-}
-```
+- `consent_update_data_flows` / `consent_update_cookies` for individual updates with notes
+- `consent_bulk_triage` for bulk approve or junk
 
 After pushing, report what was updated and show remaining triage count.
 
@@ -223,34 +107,3 @@ After pushing, report what was updated and show remaining triage count.
 
 Ask the user if they want to continue with the next batch. Repeat from Phase 2
 until the backlog is cleared or the user stops.
-
-## Tracking Purpose Reference
-
-IMPORTANT: Do NOT hardcode purpose names. Each customer configures their own
-purposes. Always use the list from `consent_list_purposes` (fetched in Phase 1).
-
-Common defaults (for reference only -- verify these exist for the customer):
-
-| Purpose     | Typical Use                                         |
-| ----------- | --------------------------------------------------- |
-| Essential   | Required for site to function (auth, security, CMP) |
-| Functional  | Enhanced features (chat, preferences, A/B tests)    |
-| Analytics   | Usage measurement (GA, pageview counters)           |
-| Advertising | Ad serving, targeting, retargeting, header bidding  |
-| SaleOfInfo  | Data sold/shared with third parties for their use   |
-
-Customers may have added custom purposes, renamed defaults, or removed some.
-Only recommend purposes that exist in the customer's configuration. If research
-suggests a purpose that doesn't exist for this customer, flag it for the user
-and suggest the closest match from their available purposes.
-
-Items can have multiple purposes (e.g. `["Advertising", "Analytics"]`).
-
-## Junk Indicators
-
-Mark as JUNK if the tracker is:
-
-- From a browser extension (e.g. Grammarly, LastPass, ad blockers injecting)
-- Malware/unwanted injection not placed by the site operator
-- Clearly a development/testing artifact
-- A subdomain variant of an already-approved regex rule
diff --git a/.cursor/skills/consent-triage/docs-reference.md b/.cursor/skills/consent-triage/docs-reference.md
index 8db99f99..c0294663 100644
--- a/.cursor/skills/consent-triage/docs-reference.md
+++ b/.cursor/skills/consent-triage/docs-reference.md
@@ -14,68 +14,6 @@ Read these docs before beginning a triage session to understand the full context
 | Regional Experiences          | https://docs.transcend.io/docs/articles/consent-management/configuration/regional-experiences               | Understanding regime configuration |
 | Telemetry Overview            | https://docs.transcend.io/docs/articles/consent-management/configuration/telemetry-overview                 | How trackers are discovered        |
 
-## URL Override Parameters for Testing
-
-Load a site with hash parameters to control consent behavior without changing
-configuration. These are critical for live site investigation.
-
-```
-https://{site}/#tcm-regime={regime_name}&tcm-prompt=Hidden&log=*
-```
-
-| Parameter          | Description                     | Example                                |
-| ------------------ | ------------------------------- | -------------------------------------- |
-| `tcm-regime`       | Force a specific privacy regime | `GDPR+-+Standard`, `CCPA`, `No+Regime` |
-| `tcm-prompt`       | Control UI behavior             | `Hidden` (suppress banner)             |
-| `log`              | Enable debug logging            | `*` (all logs)                         |
-| `data-report-only` | Override regulation mode        | `off` (enforce blocking)               |
-
-### Choosing the Right Regime Override
-
-Goal: Load the page in a state where all non-essential trackers are **allowed**
-so you can observe them firing.
-
-1. Fetch regimes with `consent_list_regimes` -- this returns real consent
-   experience data including purposes, optedOutPurposes, regions, and viewState
-2. Find the most permissive regime (fewest opted-out purposes, or where most
-   purposes default to opted-in)
-3. If no regime allows everything, use any regime and then opt in manually:
-
-```javascript
-airgap.optIn(Object.fromEntries(airgap.getRegimePurposes().map((p) => [p, true])));
-```
-
-4. Verify: `airgap.getConsent().purposes` -- all should be `true` or `"Auto"`
-
-## Useful Console Commands
-
-| Command                                           | Purpose                                                      |
-| ------------------------------------------------- | ------------------------------------------------------------ |
-| `airgap.getConsent().purposes`                    | Current consent state per purpose                            |
-| `airgap.getRegimes()`                             | Active regime(s) for this session                            |
-| `airgap.getRegimePurposes()`                      | Purposes regulated under current regime                      |
-| `await airgap.getPurposes('{url}')`               | What purposes a URL is classified under                      |
-| `await airgap.isAllowed('{url}')`                 | Whether a URL is currently allowed                           |
-| `await airgap.isCookieAllowed({name:'{name}'})`   | Whether a cookie is allowed                                  |
-| `await airgap.getCookiePurposes({name:'{name}'})` | Cookie's assigned purposes                                   |
-| `airgap.export().requests`                        | Quarantined requests                                         |
-| `airgap.export().cookies`                         | Quarantined cookies                                          |
-| `airgap.export().sentRequests`                    | Requests detected as sent (needs `data-monitoring="export"`) |
-| `airgap.export().setCookies`                      | Cookies detected as set (needs `data-monitoring="export"`)   |
-| `airgap.loadOptions.reportOnly`                   | Whether report-only mode is active                           |
-| `airgap.version`                                  | Current airgap version                                       |
-
-## External Research Tools
-
-| Tool                | URL                                | Use For                        |
-| ------------------- | ---------------------------------- | ------------------------------ |
-| CookieDatabase.org  | https://cookiedatabase.org/        | Cookie name lookup             |
-| better.fyi trackers | https://better.fyi/trackers/       | Domain-to-company lookup       |
-| Ghostery TrackerDB  | https://www.ghostery.com/trackerdb | Tracker classification         |
-| Cookiepedia         | https://cookiepedia.co.uk/         | Cookie purpose database        |
-| BuiltWith           | https://builtwith.com/             | Identify site technology stack |
-| urlscan.io          | https://urlscan.io/                | Domain/infrastructure analysis |
-
 ## MCP Tools Quick Reference
 
 All tools auto-resolve the airgap bundle ID from the API key. You never need
@@ -97,3 +35,13 @@ to pass `airgap_bundle_id`.
 - `consent_update_cookies` -- update individual cookies (purposes, description, status, service)
 - `consent_update_data_flows` -- update individual data flows
 - `consent_bulk_triage` -- bulk approve or junk multiple items at once
+
+## Additional Reference
+
+For detailed investigation methodology, research steps, console commands,
+URL override parameters, and classification guidance, use the MCP prompts
+and resources registered in the consent server:
+
+- `consent-inspect-site` prompt -- URL overrides, console commands, JS evaluation snippets
+- `consent-research-tracker` prompt -- CMP databases, research methodology
+- `consent://classification-guide` resource -- purpose definitions, junk indicators, confidence levels

From 93a595e6cbf33b519c2d61767843f412fb9948e1 Mon Sep 17 00:00:00 2001
From: Michael Farrell <mike@transcend.io>
Date: Thu, 9 Apr 2026 17:40:16 -0700
Subject: [PATCH 07/12] BUGS

---
 .../src/tools/consent_get_triage_stats.ts        | 16 ++++------------
 .../src/tools/consent_list_cookies.ts            |  7 ++++---
 .../src/tools/consent_list_data_flows.ts         |  7 ++++---
 .../src/tools/consent_list_purposes.ts           |  7 ++++---
 .../src/tools/consent_list_regimes.ts            |  4 ++--
 .../mcp/mcp-server-consent/tests/consent.test.ts |  2 +-
 packages/sdk/src/consent/gqls/cookies.ts         |  8 --------
 packages/sdk/src/consent/gqls/dataFlows.ts       |  8 --------
 packages/sdk/src/consent/gqls/experiences.ts     |  8 --------
 packages/sdk/src/consent/gqls/purposes.ts        |  8 --------
 packages/sdk/src/consent/gqls/stats.ts           |  8 ++++----
 11 files changed, 23 insertions(+), 60 deletions(-)

diff --git a/packages/mcp/mcp-server-consent/src/tools/consent_get_triage_stats.ts b/packages/mcp/mcp-server-consent/src/tools/consent_get_triage_stats.ts
index df13def4..6c2bbd28 100644
--- a/packages/mcp/mcp-server-consent/src/tools/consent_get_triage_stats.ts
+++ b/packages/mcp/mcp-server-consent/src/tools/consent_get_triage_stats.ts
@@ -8,9 +8,7 @@ import {
 
 import { resolveAirgapBundleId } from '../resolveAirgapBundleId.js';
 
-export const GetCookieStatsSchema = z.object({
-  show_zero_activity: z.boolean().optional().describe('Include items with zero activity in counts'),
-});
+export const GetCookieStatsSchema = z.object({});
 export type GetCookieStatsInput = z.infer<typeof GetCookieStatsSchema>;
 
 export function createConsentGetTriageStatsTool(clients: ToolClients) {
@@ -18,20 +16,14 @@ export function createConsentGetTriageStatsTool(clients: ToolClients) {
     name: 'consent_get_triage_stats',
     description:
       'Get statistics on cookies and data flows: live (approved), needs review (triage), ' +
-      'and junk counts. Optionally filter by show_zero_activity to include/exclude ' +
-      'items with no telemetry activity.',
+      'and junk counts.',
     category: 'Consent Management',
     readOnly: true,
     annotations: { readOnlyHint: true, destructiveHint: false, idempotentHint: true },
     zodSchema: GetCookieStatsSchema,
-    handler: async ({ show_zero_activity }) => {
+    handler: async () => {
       const airgapBundleId = await resolveAirgapBundleId(clients.graphql);
-      const variables = {
-        input: { airgapBundleId },
-        ...(show_zero_activity !== undefined
-          ? { filterBy: { showZeroActivity: show_zero_activity } }
-          : {}),
-      };
+      const variables = { input: { airgapBundleId } };
       const [cookieData, dfData] = await Promise.all([
         clients.graphql.makeRequest<TranscendCliCookieStatsResponse>(COOKIE_STATS, variables),
         clients.graphql.makeRequest<TranscendCliDataFlowStatsResponse>(DATA_FLOW_STATS, variables),
diff --git a/packages/mcp/mcp-server-consent/src/tools/consent_list_cookies.ts b/packages/mcp/mcp-server-consent/src/tools/consent_list_cookies.ts
index 9c223cbd..f5380767 100644
--- a/packages/mcp/mcp-server-consent/src/tools/consent_list_cookies.ts
+++ b/packages/mcp/mcp-server-consent/src/tools/consent_list_cookies.ts
@@ -61,9 +61,10 @@ export function createConsentListCookiesTool(clients: ToolClients) {
           ? { orderBy: [{ field: order_field, direction: order_direction }] }
           : {}),
       });
-      return createListResult(data.cookies.nodes, {
-        totalCount: data.cookies.totalCount,
-        hasNextPage: data.cookies.pageInfo.hasNextPage,
+      const { nodes, totalCount } = data.cookies;
+      return createListResult(nodes, {
+        totalCount,
+        hasNextPage: offset + nodes.length < totalCount,
       });
     },
   });
diff --git a/packages/mcp/mcp-server-consent/src/tools/consent_list_data_flows.ts b/packages/mcp/mcp-server-consent/src/tools/consent_list_data_flows.ts
index b49648a6..d2ecb9bf 100644
--- a/packages/mcp/mcp-server-consent/src/tools/consent_list_data_flows.ts
+++ b/packages/mcp/mcp-server-consent/src/tools/consent_list_data_flows.ts
@@ -61,9 +61,10 @@ export function createConsentListDataFlowsTool(clients: ToolClients) {
           ? { orderBy: [{ field: order_field, direction: order_direction }] }
           : {}),
       });
-      return createListResult(data.dataFlows.nodes, {
-        totalCount: data.dataFlows.totalCount,
-        hasNextPage: data.dataFlows.pageInfo.hasNextPage,
+      const { nodes, totalCount } = data.dataFlows;
+      return createListResult(nodes, {
+        totalCount,
+        hasNextPage: offset + nodes.length < totalCount,
       });
     },
   });
diff --git a/packages/mcp/mcp-server-consent/src/tools/consent_list_purposes.ts b/packages/mcp/mcp-server-consent/src/tools/consent_list_purposes.ts
index 21db2784..29a05ac8 100644
--- a/packages/mcp/mcp-server-consent/src/tools/consent_list_purposes.ts
+++ b/packages/mcp/mcp-server-consent/src/tools/consent_list_purposes.ts
@@ -18,9 +18,10 @@ export function createConsentListPurposesTool(clients: ToolClients) {
       const data = await clients.graphql.makeRequest<TranscendCliPurposesResponse>(PURPOSES, {
         first: Math.min(limit, 100),
       });
-      return createListResult(data.purposes.nodes, {
-        totalCount: data.purposes.totalCount,
-        hasNextPage: data.purposes.pageInfo.hasNextPage,
+      const { nodes, totalCount } = data.purposes;
+      return createListResult(nodes, {
+        totalCount,
+        hasNextPage: nodes.length < totalCount,
       });
     },
   });
diff --git a/packages/mcp/mcp-server-consent/src/tools/consent_list_regimes.ts b/packages/mcp/mcp-server-consent/src/tools/consent_list_regimes.ts
index 180b1ecf..36648ebf 100644
--- a/packages/mcp/mcp-server-consent/src/tools/consent_list_regimes.ts
+++ b/packages/mcp/mcp-server-consent/src/tools/consent_list_regimes.ts
@@ -22,10 +22,10 @@ export function createConsentListRegimesTool(clients: ToolClients) {
         first: limit,
         offset,
       });
-      const { totalCount, pageInfo, nodes } = data.experiences;
+      const { totalCount, nodes } = data.experiences;
       return createListResult(nodes, {
         totalCount,
-        hasNextPage: pageInfo.hasNextPage,
+        hasNextPage: offset + nodes.length < totalCount,
       });
     },
   });
diff --git a/packages/mcp/mcp-server-consent/tests/consent.test.ts b/packages/mcp/mcp-server-consent/tests/consent.test.ts
index d930b606..1f3ad649 100644
--- a/packages/mcp/mcp-server-consent/tests/consent.test.ts
+++ b/packages/mcp/mcp-server-consent/tests/consent.test.ts
@@ -60,7 +60,7 @@ describe('Consent Tools', () => {
     it('returns list on success', async () => {
       const nodes = [{ id: 'p1', name: 'Analytics', trackingType: 'ANALYTICS' }];
       mockGraphql.makeRequest.mockResolvedValue({
-        purposes: { nodes, totalCount: 1, pageInfo: { hasNextPage: false } },
+        purposes: { nodes, totalCount: 1 },
       });
 
       const tools = getTools();
diff --git a/packages/sdk/src/consent/gqls/cookies.ts b/packages/sdk/src/consent/gqls/cookies.ts
index 60847f2a..b67cc432 100644
--- a/packages/sdk/src/consent/gqls/cookies.ts
+++ b/packages/sdk/src/consent/gqls/cookies.ts
@@ -106,11 +106,6 @@ export interface TranscendCliCookiesResponse {
     nodes: TranscendCookieGql[];
     /** Total count of matching cookies */
     totalCount: number;
-    /** Pagination info */
-    pageInfo: {
-      /** Whether more results exist */
-      hasNextPage: boolean;
-    };
   };
 }
 
@@ -133,9 +128,6 @@ export const COOKIES = gql`
       useMaster: false
     ) {
       totalCount
-      pageInfo {
-        hasNextPage
-      }
       nodes {
         id
         name
diff --git a/packages/sdk/src/consent/gqls/dataFlows.ts b/packages/sdk/src/consent/gqls/dataFlows.ts
index 5561adf9..816df660 100644
--- a/packages/sdk/src/consent/gqls/dataFlows.ts
+++ b/packages/sdk/src/consent/gqls/dataFlows.ts
@@ -183,11 +183,6 @@ export interface TranscendCliDataFlowsResponse {
     nodes: TranscendDataFlowGql[];
     /** Total count of matching data flows */
     totalCount: number;
-    /** Pagination info */
-    pageInfo: {
-      /** Whether more results exist */
-      hasNextPage: boolean;
-    };
   };
 }
 
@@ -210,9 +205,6 @@ export const DATA_FLOWS = gql`
       useMaster: false
     ) {
       totalCount
-      pageInfo {
-        hasNextPage
-      }
       nodes {
         id
         value
diff --git a/packages/sdk/src/consent/gqls/experiences.ts b/packages/sdk/src/consent/gqls/experiences.ts
index 34233c14..34ea44ec 100644
--- a/packages/sdk/src/consent/gqls/experiences.ts
+++ b/packages/sdk/src/consent/gqls/experiences.ts
@@ -56,11 +56,6 @@ export interface TranscendCliExperiencesResponse {
   experiences: {
     /** Total count of experiences */
     totalCount: number;
-    /** Pagination info */
-    pageInfo: {
-      /** Whether more results exist */
-      hasNextPage: boolean;
-    };
     /** List of experience nodes */
     nodes: TranscendExperienceGql[];
   };
@@ -73,9 +68,6 @@ export const EXPERIENCES = gql`
   query TranscendCliExperiences($first: Int!, $offset: Int!) {
     experiences(first: $first, offset: $offset, useMaster: false) {
       totalCount
-      pageInfo {
-        hasNextPage
-      }
       nodes {
         id
         name
diff --git a/packages/sdk/src/consent/gqls/purposes.ts b/packages/sdk/src/consent/gqls/purposes.ts
index ee89fff8..540b2613 100644
--- a/packages/sdk/src/consent/gqls/purposes.ts
+++ b/packages/sdk/src/consent/gqls/purposes.ts
@@ -78,20 +78,12 @@ export interface TranscendCliPurposesResponse {
     nodes: TranscendPurposeGql[];
     /** Total count of purposes */
     totalCount: number;
-    /** Pagination info */
-    pageInfo: {
-      /** Whether more results exist */
-      hasNextPage: boolean;
-    };
   };
 }
 
 export const PURPOSES = gql`
   query TranscendCliPurposes($first: Int!) {
     purposes(first: $first) {
-      pageInfo {
-        hasNextPage
-      }
       nodes {
         id
         name
diff --git a/packages/sdk/src/consent/gqls/stats.ts b/packages/sdk/src/consent/gqls/stats.ts
index cf3d755b..3591a5ff 100644
--- a/packages/sdk/src/consent/gqls/stats.ts
+++ b/packages/sdk/src/consent/gqls/stats.ts
@@ -17,8 +17,8 @@ export interface TranscendCliCookieStatsResponse {
 }
 
 export const COOKIE_STATS = gql`
-  query TranscendCliCookieStats($input: AirgapBundleInput!, $filterBy: CookiesFiltersInput) {
-    cookieStats(input: $input, filterBy: $filterBy) {
+  query TranscendCliCookieStats($input: AirgapBundleInput!) {
+    cookieStats(input: $input) {
       liveCount
       needReviewCount
       junkCount
@@ -33,8 +33,8 @@ export interface TranscendCliDataFlowStatsResponse {
 }
 
 export const DATA_FLOW_STATS = gql`
-  query TranscendCliDataFlowStats($input: AirgapBundleInput!, $filterBy: DataFlowsFiltersInput) {
-    dataFlowStats(input: $input, filterBy: $filterBy) {
+  query TranscendCliDataFlowStats($input: AirgapBundleInput!) {
+    dataFlowStats(input: $input) {
       liveCount
       needReviewCount
       junkCount

From ca1dc4f982409c6dc7b5c7ef9ecbf4dc4a905bcd Mon Sep 17 00:00:00 2001
From: Michael Farrell <mike@transcend.io>
Date: Thu, 9 Apr 2026 17:47:48 -0700
Subject: [PATCH 08/12] feat: replace static classification resource with
 dynamic docs-based resources

Resources now fetch live content from docs.transcend.io with static fallback:
- Tracking Purposes (purpose definitions and taxonomy)
- Triage Guide (full classification workflow)
- Debugging & Testing (URL overrides, console commands)
- Data Flows & Cookies (telemetry and regulation overview)
- Telemetry Overview (collection methods)

Uses https:// URIs so Cursor can open them directly (fixes "Failed to open
resource" error with the custom consent:// scheme).
---
 .cursor/skills/consent-triage/SKILL.md        | 11 ++-
 .../skills/consent-triage/docs-reference.md   |  4 +-
 .../src/resources/classification_guide.ts     | 63 -------------
 .../src/resources/docs_resource.ts            | 89 ++++++++++++++++++
 .../mcp-server-consent/src/resources/index.ts | 94 ++++++++++++++++++-
 5 files changed, 191 insertions(+), 70 deletions(-)
 delete mode 100644 packages/mcp/mcp-server-consent/src/resources/classification_guide.ts
 create mode 100644 packages/mcp/mcp-server-consent/src/resources/docs_resource.ts

diff --git a/.cursor/skills/consent-triage/SKILL.md b/.cursor/skills/consent-triage/SKILL.md
index 9ec3b9cd..ccc8ba75 100644
--- a/.cursor/skills/consent-triage/SKILL.md
+++ b/.cursor/skills/consent-triage/SKILL.md
@@ -25,9 +25,16 @@ the canonical source of truth:
 - **`consent-triage`** prompt -- the full 6-phase workflow (setup, fetch, research, review, push, loop)
 - **`consent-research-tracker`** prompt -- research methodology for classifying a tracker
 - **`consent-inspect-site`** prompt -- live site investigation via browser DevTools
-- **`consent://classification-guide`** resource -- tracking purpose definitions, junk indicators, confidence levels
 
-Invoke these with `CallMcpTool` to get detailed guidance for each phase.
+Resources (fetched live from docs.transcend.io with static fallback):
+
+- **Tracking Purposes** -- purpose definitions and classification reference
+- **Triage Guide** -- full triage workflow documentation
+- **Debugging & Testing** -- URL overrides, console commands, testing methodology
+- **Data Flows & Cookies** -- how telemetry discovers and regulates trackers
+- **Telemetry Overview** -- collection methods and data flow types
+
+Use `FetchMcpResource` to pull these into context, or invoke prompts with `CallMcpTool`.
 
 ## Cursor-Specific Orchestration
 
diff --git a/.cursor/skills/consent-triage/docs-reference.md b/.cursor/skills/consent-triage/docs-reference.md
index c0294663..a6a827a6 100644
--- a/.cursor/skills/consent-triage/docs-reference.md
+++ b/.cursor/skills/consent-triage/docs-reference.md
@@ -44,4 +44,6 @@ and resources registered in the consent server:
 
 - `consent-inspect-site` prompt -- URL overrides, console commands, JS evaluation snippets
 - `consent-research-tracker` prompt -- CMP databases, research methodology
-- `consent://classification-guide` resource -- purpose definitions, junk indicators, confidence levels
+
+MCP resources fetch live content from the docs links above with static fallback.
+Use `FetchMcpResource` to pull any of them into context.
diff --git a/packages/mcp/mcp-server-consent/src/resources/classification_guide.ts b/packages/mcp/mcp-server-consent/src/resources/classification_guide.ts
deleted file mode 100644
index 3c37366e..00000000
--- a/packages/mcp/mcp-server-consent/src/resources/classification_guide.ts
+++ /dev/null
@@ -1,63 +0,0 @@
-import type { ResourceDefinition } from '@transcend-io/mcp-server-core';
-
-export const classificationGuideResource: ResourceDefinition = {
-  uri: 'consent://classification-guide',
-  name: 'Consent Classification Guide',
-  description:
-    'Reference guide for classifying cookies and data flows into tracking purposes. ' +
-    'Covers purpose definitions, junk indicators, and confidence levels.',
-  mimeType: 'text/markdown',
-  handler: () => `# Consent Classification Guide
-
-## Tracking Purpose Reference
-
-IMPORTANT: Each customer configures their own tracking purposes. The table below shows
-common defaults for reference only. Always verify against the customer's actual
-configuration by calling \`consent_list_purposes\` before classifying.
-
-| Purpose | Typical Use | Examples |
-|---------|-------------|---------|
-| Essential | Required for the site to function — auth, security, CMP, CDN, load balancing | Session cookies, CSRF tokens, Transcend airgap.js, Cloudflare |
-| Functional | Enhanced features that improve UX but aren't strictly required | Live chat widgets, user preferences, A/B testing, embedded media players |
-| Analytics | Usage measurement and behavioral analysis | Google Analytics, Adobe Analytics, Heap, Mixpanel, pageview counters |
-| Advertising | Ad serving, targeting, retargeting, header bidding, impression tracking | Google Ads, DoubleClick, Prebid, Amazon Ads, Criteo, Taboola |
-| SaleOfInfo | Data sold to or shared with third parties for their own independent use | Data brokers, cross-site behavioral profiles, third-party data enrichment |
-
-### Multiple Purposes
-
-Items can have multiple purposes. Common combinations:
-- \`["Advertising", "Analytics"]\` — ad platform that also tracks impressions/conversions
-- \`["Advertising", "SaleOfInfo"]\` — ad network that shares data with third parties
-- \`["Functional", "Analytics"]\` — A/B testing tool that measures engagement
-
-### Essential Checklist
-
-Before classifying something as Essential, verify ALL of these:
-- The site would break or be unusable without it
-- It serves a core technical function (not just "nice to have")
-- It does not collect behavioral data for marketing purposes
-- Examples: authentication tokens, shopping cart state, language preferences set by the user, CMP scripts, CDN resources
-
-## Junk Indicators
-
-Mark as JUNK if the tracker is:
-
-| Indicator | Example |
-|-----------|---------|
-| Browser extension injection | Grammarly, LastPass, Honey, ad blocker scripts |
-| Malware / unwanted injection | Unknown scripts not placed by site operator |
-| Development / testing artifact | localhost URLs, staging environment trackers |
-| Duplicate of existing rule | Subdomain variant already covered by an approved regex rule |
-
-When in doubt, check if the tracker appears on multiple unrelated sites. Extension-injected
-trackers typically appear across many different sites with no logical connection.
-
-## Confidence Levels
-
-| Level | Criteria | Action |
-|-------|----------|--------|
-| High | First-party privacy docs confirm the purpose, OR multiple independent CMPs agree, OR it's a well-known tracker (e.g. Google Analytics = Analytics) | Safe to approve |
-| Medium | Some evidence found but no definitive first-party documentation; classification based on company business model and third-party references | Approve with note, flag for future review |
-| Low | No documentation found; classification is a best guess based on domain name or limited context | Flag for manual review — do not auto-approve |
-`,
-};
diff --git a/packages/mcp/mcp-server-consent/src/resources/docs_resource.ts b/packages/mcp/mcp-server-consent/src/resources/docs_resource.ts
new file mode 100644
index 00000000..f1cace8d
--- /dev/null
+++ b/packages/mcp/mcp-server-consent/src/resources/docs_resource.ts
@@ -0,0 +1,89 @@
+import type { ResourceDefinition } from '@transcend-io/mcp-server-core';
+
+const FETCH_TIMEOUT_MS = 8_000;
+
+/**
+ * Creates a ResourceDefinition that fetches content from a Transcend docs page.
+ * Uses the actual docs URL as the resource URI so MCP clients can open it directly.
+ * Falls back to a static description if the fetch fails (offline, timeout, etc.).
+ */
+export function createDocsResource(options: {
+  /** Full URL of the docs page (becomes the resource URI) */
+  url: string;
+  /** Human-readable name shown in resources/list */
+  name: string;
+  /** Short description of what this docs page covers */
+  description: string;
+  /** Static markdown returned when the live fetch fails */
+  fallback: string;
+}): ResourceDefinition {
+  return {
+    uri: options.url,
+    name: options.name,
+    description: options.description,
+    mimeType: 'text/markdown',
+    handler: async () => {
+      try {
+        const response = await fetch(options.url, {
+          headers: { Accept: 'text/markdown, text/plain, text/html' },
+          signal: AbortSignal.timeout(FETCH_TIMEOUT_MS),
+        });
+        if (!response.ok) {
+          return withSourceLink(options.fallback, options.url);
+        }
+        const text = await response.text();
+        const markdown = extractMarkdown(text);
+        return withSourceLink(markdown, options.url);
+      } catch {
+        return withSourceLink(options.fallback, options.url);
+      }
+    },
+  };
+}
+
+function withSourceLink(content: string, url: string): string {
+  return `${content}\n\n---\n*Source: ${url}*\n`;
+}
+
+/**
+ * Extracts readable markdown from a docs page response.
+ * Mintlify docs return HTML by default; we strip tags for a usable text version.
+ * If the content is already markdown-like (starts with # or has no HTML), return as-is.
+ */
+function extractMarkdown(raw: string): string {
+  const trimmed = raw.trim();
+  if (!trimmed.includes('<html') && !trimmed.includes('<!DOCTYPE')) {
+    return trimmed;
+  }
+
+  let text = trimmed
+    .replace(/<script[\s\S]*?<\/script>/gi, '')
+    .replace(/<style[\s\S]*?<\/style>/gi, '')
+    .replace(/<nav[\s\S]*?<\/nav>/gi, '')
+    .replace(/<footer[\s\S]*?<\/footer>/gi, '')
+    .replace(/<header[\s\S]*?<\/header>/gi, '')
+    .replace(/<br\s*\/?>/gi, '\n')
+    .replace(/<\/p>/gi, '\n\n')
+    .replace(/<\/h[1-6]>/gi, '\n\n')
+    .replace(/<\/li>/gi, '\n')
+    .replace(/<\/tr>/gi, '\n')
+    .replace(/<[^>]+>/g, '')
+    .replace(/&amp;/g, '&')
+    .replace(/&lt;/g, '<')
+    .replace(/&gt;/g, '>')
+    .replace(/&quot;/g, '"')
+    .replace(/&#39;/g, "'")
+    .replace(/&nbsp;/g, ' ')
+    .replace(/\n{3,}/g, '\n\n')
+    .trim();
+
+  const lines = text.split('\n');
+  const contentStart = lines.findIndex(
+    (l) => l.trim().length > 20 && !l.includes('Skip to') && !l.includes('Search...'),
+  );
+  if (contentStart > 0) {
+    text = lines.slice(contentStart).join('\n').trim();
+  }
+
+  return text;
+}
diff --git a/packages/mcp/mcp-server-consent/src/resources/index.ts b/packages/mcp/mcp-server-consent/src/resources/index.ts
index 9cd01446..7b00a47b 100644
--- a/packages/mcp/mcp-server-consent/src/resources/index.ts
+++ b/packages/mcp/mcp-server-consent/src/resources/index.ts
@@ -1,12 +1,98 @@
 import type { ResourceDefinition, ToolClients } from '@transcend-io/mcp-server-core';
 
-import { classificationGuideResource } from './classification_guide.js';
+import { createDocsResource } from './docs_resource.js';
+
+const DOCS_BASE = 'https://docs.transcend.io/docs/articles/consent-management';
 
 /**
  * Returns all consent resource definitions.
- * The clients arg is accepted for API consistency with getTools,
- * but resources don't currently need API access.
+ * Each resource fetches live content from docs.transcend.io with a static fallback.
  */
 export function getConsentResources(_clients: ToolClients): ResourceDefinition[] {
-  return [classificationGuideResource];
+  return [
+    createDocsResource({
+      url: `${DOCS_BASE}/concepts/tracking-purposes`,
+      name: 'Tracking Purposes',
+      description:
+        'List of all available tracking purposes for consent management — ' +
+        'Essential, Functional, Advertising, Analytics, Sale/Sharing.',
+      fallback: TRACKING_PURPOSES_FALLBACK,
+    }),
+    createDocsResource({
+      url: `${DOCS_BASE}/configuration/triage-cookies-and-dataflows-guide`,
+      name: 'Triage Guide',
+      description:
+        'How to triage and classify data flows and cookies from telemetry — ' +
+        'researching, classifying, regex rules, junk handling, and approval workflow.',
+      fallback: TRIAGE_GUIDE_FALLBACK,
+    }),
+    createDocsResource({
+      url: `${DOCS_BASE}/concepts/data-flows-and-cookies`,
+      name: 'Data Flows & Cookies',
+      description:
+        'Overview of how Transcend discovers and regulates data flows and cookies ' +
+        'via the airgap.js consent manager script.',
+      fallback: DATA_FLOWS_FALLBACK,
+    }),
+    createDocsResource({
+      url: `${DOCS_BASE}/reference/debugging-and-testing`,
+      name: 'Debugging & Testing',
+      description:
+        'URL override parameters (tcm-regime, tcm-prompt, log), console commands, ' +
+        'and testing methodology for consent manager debugging.',
+      fallback: DEBUGGING_FALLBACK,
+    }),
+    createDocsResource({
+      url: `${DOCS_BASE}/configuration/telemetry-overview`,
+      name: 'Telemetry Overview',
+      description:
+        'How consent telemetry discovers trackers on your site — ' +
+        'collection methods, data flow types, and cookie detection.',
+      fallback: TELEMETRY_FALLBACK,
+    }),
+  ];
 }
+
+const TRACKING_PURPOSES_FALLBACK = `# Tracking Purposes
+
+| Purpose | Description |
+|---------|-------------|
+| Essential | No consent required — essential site functionality and flows that don't transmit user data |
+| Functional | Non-essential but helpful — support chat, error logging, preferences |
+| Advertising | Data flows that collect or share data for marketing or advertising |
+| Analytics | Data flows that collect or share information for analytics purposes |
+| Sale/Sharing of Personal Information | Data sold or shared with third parties for cross-context behavioral advertising |
+
+Data flows can have multiple tracking purposes.`;
+
+const TRIAGE_GUIDE_FALLBACK = `# Guide to Triaging Data Flows & Cookies
+
+1. Review auto-classified data flows (confirm service and purpose)
+2. Research unclassified flows (check cookie policies, CookieDatabase.org, better.fyi)
+3. Create regex rules for recurring cookies (e.g. _ga{{UUID}})
+4. Mark browser extension / malware injections as junk
+5. Approve classified flows to add them to the airgap.js bundle`;
+
+const DATA_FLOWS_FALLBACK = `# Data Flows & Cookies
+
+Data flows are network requests made by your site that Transcend discovers via telemetry.
+Cookies are browser cookies set by scripts on your site.
+Both are regulated by the airgap.js consent manager based on assigned tracking purposes.`;
+
+const DEBUGGING_FALLBACK = `# Debugging & Testing
+
+URL override parameters:
+- \`#tcm-regime={name}\` — force a specific privacy regime
+- \`#tcm-prompt=Hidden\` — suppress the consent banner
+- \`#log=*\` — enable verbose airgap debug logging
+
+Console commands:
+- \`airgap.getConsent().purposes\` — current consent state
+- \`airgap.getRegimes()\` — active regimes
+- \`await airgap.getPurposes('{url}')\` — URL classification
+- \`await airgap.isAllowed('{url}')\` — whether a URL is allowed`;
+
+const TELEMETRY_FALLBACK = `# Telemetry Overview
+
+Consent telemetry discovers trackers by monitoring network requests and cookies
+on your site. Discovered items appear in the Triage view for classification.`;

From bf4c40cec7883c7580ee98762ab46cfca5ef9123 Mon Sep 17 00:00:00 2001
From: Michael Farrell <mike@transcend.io>
Date: Thu, 9 Apr 2026 17:53:01 -0700
Subject: [PATCH 09/12] refactor: make skills and agents dead simple, MCP-first

Skills and agents now delegate to MCP prompts for all substance:

- SKILL.md: 117 -> 25 lines. Invokes the consent-triage MCP prompt
  and documents subagent spawning pattern.
- docs-reference.md: deleted. MCP resources + tool discovery replace it.
- Inspector agent: 123 -> 35 lines. Fetches consent-inspect-site MCP
  prompt for methodology. Fixed readonly->false for MCP access.
- Researcher agent: 95 -> 40 lines. Fetches consent-research-tracker MCP
  prompt for methodology. Fixed readonly->false for MCP access.
---
 .cursor/agents/consent-triage-inspector.md    | 122 +++---------------
 .cursor/agents/consent-triage-researcher.md   |  90 +++----------
 .cursor/skills/consent-triage/SKILL.md        | 115 ++---------------
 .../skills/consent-triage/docs-reference.md   |  49 -------
 4 files changed, 49 insertions(+), 327 deletions(-)
 delete mode 100644 .cursor/skills/consent-triage/docs-reference.md

diff --git a/.cursor/agents/consent-triage-inspector.md b/.cursor/agents/consent-triage-inspector.md
index 1e1fd189..c123b951 100644
--- a/.cursor/agents/consent-triage-inspector.md
+++ b/.cursor/agents/consent-triage-inspector.md
@@ -2,17 +2,28 @@
 name: consent-triage-inspector
 description: >-
   Inspects how trackers load on a live website using Chrome DevTools MCP.
-  Use when investigating how a data flow or cookie gets onto a page --
-  whether it's a direct script, loaded via tag manager, in an iframe,
-  or dynamically injected. Checks ad infrastructure, consent state, and
-  airgap classification.
+  Checks ad infrastructure, consent state, and airgap classification.
 model: fast
-readonly: true
+readonly: false
 is_background: true
 ---
 
 You are a web inspector specialist. Your job is to analyze how trackers
-load on live websites using Chrome DevTools MCP tools (navigate, evaluate).
+load on live websites using Chrome DevTools MCP tools.
+
+## Setup
+
+Fetch the **`consent-inspect-site`** MCP prompt from the `transcend-consent`
+server for your full investigation methodology. It contains:
+
+- URL override parameters for debug mode
+- Consent state verification steps
+- JS evaluation snippets for performance entries, HTML search, ad
+  infrastructure, window globals, and airgap classification
+- Output format for tracker findings and site summary
+
+Follow every step in the prompt. Use Chrome DevTools MCP tools (`navigate`,
+`evaluate`) to execute the JS snippets on the live site.
 
 ## Input
 
@@ -21,103 +32,8 @@ You will receive:
 - A target site URL with regime override parameters
 - A list of tracker domains to look for
 
-## Important: Platform vs Client Sites
+## Important
 
 The bundle name (e.g. "acme-platform") may be a platform provider, not
 the site with actual trackers. If the primary domain is a corporate landing
-page without ad trackers, find a real client site from links on the homepage
-and use that instead.
-
-## Setup
-
-### 1. Navigate with debug overrides
-
-Use the Chrome DevTools `navigate` tool with the override URL:
-`{site}/#tcm-regime={regime}&tcm-prompt=Hidden&log=*`
-
-### 2. Verify consent state
-
-Evaluate JS to check `airgap.getRegimes()`, `airgap.getConsent().purposes`,
-and `airgap.getRegimePurposes()`. All purposes should be `true` or `"Auto"`.
-
-If not, opt in manually:
-
-```javascript
-airgap.optIn(Object.fromEntries(airgap.getRegimePurposes().map((p) => [p, true])));
-```
-
-## Investigation
-
-Run the following checks via JS evaluation in DevTools. Write your own
-snippets or adapt from the `consent-inspect-site` MCP prompt methodology.
-
-### 3. Performance entries
-
-Use `performance.getEntriesByType('resource')` and filter for each tracker
-domain. Record URL, initiator type, duration, and transfer size.
-
-### 4. Search page HTML
-
-Search `document.documentElement.outerHTML` for each tracker domain. Capture
-surrounding context (100 chars before/after) to understand placement.
-
-### 5. Ad infrastructure
-
-Find ad-related `<script src>` tags (prebid, googletag, taboola, criteo,
-amazon-adsystem, adsbygoogle, doubleclick -- non-exhaustive, look broadly).
-Find ad slot elements (`[data-prebid]`, `[data-ad]`, `[data-ad-slot]`,
-`[data-ad-unit]`, etc.) and ad iframes.
-
-### 6. Inline init scripts
-
-Check `<script>` tags without `src` for ad platform initialization code
-(prebid config, googletag slot definitions, etc.).
-
-### 7. Window globals and ad config
-
-Scan `Object.keys(window)` for known ad globals (`pbjs`, `googletag`,
-`__tcfapi`, `__gpp`, `adsbygoogle`, `_taboola`, `criteo_q`, `apstag`).
-Inspect any found config objects.
-
-### 8. Airgap classification
-
-For each tracker domain, call `await airgap.getPurposes('https://{domain}/')`
-and `await airgap.isAllowed('https://{domain}/')` to see how Transcend
-currently classifies it.
-
-### 9. Console logs
-
-Read browser console output. The `log=*` override makes airgap emit
-detailed allow/block decisions for every request.
-
-## Output
-
-For each tracker return:
-
-```json
-{
-  "domain": "<domain>",
-  "found_on_page": true,
-  "loading_method": "direct_script|tag_manager|iframe|dynamic|not_found",
-  "loaded_by": "<what script or mechanism loads it>",
-  "in_main_document": true,
-  "airgap_purposes": ["Advertising"],
-  "airgap_allowed": true,
-  "ad_infrastructure": "<detected ad chain, e.g. Prebid -> GPT>",
-  "related_config": "<relevant config values>",
-  "notes": "<additional observations>"
-}
-```
-
-Also return a site summary:
-
-```json
-{
-  "site_investigated": "<actual URL used>",
-  "ad_stack": "<detected stack, e.g. Prebid -> Google Publisher Tags>",
-  "consent_manager": "Transcend CMP",
-  "total_ad_slots": "<count>",
-  "total_scripts": "<count>",
-  "total_iframes": "<count>"
-}
-```
+page without ad trackers, find a real client site from links on the homepage.
diff --git a/.cursor/agents/consent-triage-researcher.md b/.cursor/agents/consent-triage-researcher.md
index 627db6ab..da446097 100644
--- a/.cursor/agents/consent-triage-researcher.md
+++ b/.cursor/agents/consent-triage-researcher.md
@@ -2,18 +2,30 @@
 name: consent-triage-researcher
 description: >-
   Researches trackers, cookies, and data flows for consent classification.
-  Use when investigating what a tracker does, who operates it, and what
-  consent purpose it should be classified under. Identifies companies,
-  fetches privacy policies, checks CMP databases, and determines whether
-  a tracker is Essential, Advertising, Analytics, Functional, or SaleOfInfo.
+  Identifies companies, fetches privacy policies, checks CMP databases,
+  and determines the correct consent purpose.
 model: fast
-readonly: true
+readonly: false
 is_background: true
 ---
 
 You are a privacy research specialist. Your job is to research trackers and
 data flows to determine their correct consent classification.
 
+## Setup
+
+Fetch the **`consent-research-tracker`** MCP prompt from the `transcend-consent`
+server for your full research methodology. It contains:
+
+- Company identification steps
+- Privacy policy lookup guidance
+- CMP database URLs (CookieDatabase.org, Ghostery, etc.)
+- Essential vs non-essential determination criteria
+- Junk indicators and confidence levels
+- Output JSON format
+
+Follow every step in the prompt for each tracker you're assigned.
+
 ## Input
 
 You will receive:
@@ -24,71 +36,3 @@ You will receive:
 - Which purposes are actively used in which regimes
 
 Only recommend purposes from the provided list.
-
-## Research Steps (for EACH item)
-
-1. **Company identification**: Search the root domain (strip subdomains) to
-   find the operating company. Check for recent acquisitions or rebrands.
-
-2. **First-party privacy docs**: Find and read the company's privacy/cookie
-   policy. Look for how they classify their own tracking, what data they
-   collect, and stated purposes.
-
-3. **Service description**: Understand the business model. Ad tech? Analytics?
-   CMP? CDN? What specific product does this domain serve?
-
-4. **CMP databases**: Search cookiedatabase.org, cookiepedia.co.uk,
-   better.fyi/trackers, and Ghostery TrackerDB for existing classifications.
-
-5. **Third-party cookie policies**: Find other companies' published cookie
-   policies that classify this same tracker/service.
-
-6. **Essential vs non-essential**: Based on all evidence, would the site
-   break without this? Is it required for core functionality?
-
-## Output (for EACH item)
-
-Return JSON:
-
-```json
-{
-  "id": "<item id>",
-  "domain": "<domain or cookie name>",
-  "company_name": "<identified company>",
-  "company_description": "<what the company does, 1-2 sentences>",
-  "service_url": "<company homepage>",
-  "specific_product": "<what product/feature this domain serves>",
-  "recommended_purposes": ["Advertising", "Analytics"],
-  "confidence": "High|Medium|Low",
-  "is_junk": false,
-  "evidence_summary": "<2-3 sentence summary with key facts>",
-  "sources": ["<url1>", "<url2>"],
-  "suggested_description": "<one-line description to save as Transcend note>",
-  "first_party_privacy_url": "<URL of their privacy/cookie policy if found>",
-  "other_cmps_classify_as": "<what other CMPs say>"
-}
-```
-
-## Classification Rules
-
-IMPORTANT: Each customer has different purposes configured. The parent agent
-will provide the customer's available purposes in the prompt. Only recommend
-purposes from that list. If your research suggests a purpose category that
-doesn't exist for this customer, note it and suggest the closest available match.
-
-Common purpose patterns (for reference -- always verify against customer config):
-
-- Essential = site breaks without it (auth, security, CMP, CDN)
-- Functional = enhanced features (chat, preferences, A/B tests)
-- Analytics = usage measurement (GA, pageview counters)
-- Advertising = ad serving, targeting, retargeting, header bidding
-- SaleOfInfo = data sold/shared with third parties
-
-Items can have multiple purposes. Mark as junk if it's from a browser
-extension, malware, or not intentionally placed by the site operator.
-
-## Confidence Levels
-
-- **High**: First-party docs confirm, OR multiple CMPs agree, OR well-known tracker
-- **Medium**: Some evidence but no definitive first-party docs
-- **Low**: No docs found, best-guess only -- flag for manual review
diff --git a/.cursor/skills/consent-triage/SKILL.md b/.cursor/skills/consent-triage/SKILL.md
index ccc8ba75..ff662f73 100644
--- a/.cursor/skills/consent-triage/SKILL.md
+++ b/.cursor/skills/consent-triage/SKILL.md
@@ -1,116 +1,27 @@
 ---
 name: consent-triage
 description: >-
-  Triage cookies and data flows in Transcend Consent Manager. Fetches triage
-  backlog, researches trackers in parallel batches, presents findings for user
-  review, and pushes classifications back to Transcend. Use when the user
+  Triage cookies and data flows in Transcend Consent Manager. Use when the user
   mentions cookie triage, data flow triage, consent triage, classify trackers,
   or consent manager cleanup.
 ---
 
 # Consent Triage
 
-Systematically research and classify cookies and data flows discovered by
-Transcend's consent telemetry, then push approved classifications back.
+Invoke the **`consent-triage`** MCP prompt for the full workflow. It covers
+setup, batch fetching, research, review, classification push, and looping.
 
-Before starting, read the documentation links in
-[docs-reference.md](docs-reference.md).
+For Phase 3 (research), spawn subagents in parallel via the Task tool:
 
-## MCP Prompts and Resources
+- **consent-triage-researcher** agents (2+): split items into groups of 3-5.
+  Pass each group as a table with the customer's available purposes.
+- **consent-triage-inspector** agent (1): provide all tracker domains + the
+  site URL with regime override parameters.
 
-This skill's workflow, research methodology, and classification reference are
-defined as MCP prompts and resources in the consent MCP server. Use them as
-the canonical source of truth:
+Additional MCP prompts for subagent methodology:
 
-- **`consent-triage`** prompt -- the full 6-phase workflow (setup, fetch, research, review, push, loop)
-- **`consent-research-tracker`** prompt -- research methodology for classifying a tracker
-- **`consent-inspect-site`** prompt -- live site investigation via browser DevTools
+- **`consent-research-tracker`** -- research methodology for a single tracker
+- **`consent-inspect-site`** -- live site investigation via browser DevTools
 
-Resources (fetched live from docs.transcend.io with static fallback):
-
-- **Tracking Purposes** -- purpose definitions and classification reference
-- **Triage Guide** -- full triage workflow documentation
-- **Debugging & Testing** -- URL overrides, console commands, testing methodology
-- **Data Flows & Cookies** -- how telemetry discovers and regulates trackers
-- **Telemetry Overview** -- collection methods and data flow types
-
-Use `FetchMcpResource` to pull these into context, or invoke prompts with `CallMcpTool`.
-
-## Cursor-Specific Orchestration
-
-This skill uses two custom agents defined in `.cursor/agents/`:
-
-- **consent-triage-inspector** -- live site investigation via Chrome DevTools
-- **consent-triage-researcher** -- web research for tracker classification
-
-### Phase 1: Setup
-
-Call these MCP tools in parallel to gather the customer's configuration:
-
-```
-consent_list_airgap_bundles
-consent_get_triage_stats
-consent_list_purposes   -> save as available_purposes
-consent_list_regimes    -> save as configured_regimes
-```
-
-This is critical: customers have different purposes configured. Do NOT assume
-the defaults (Essential, Functional, Analytics, Advertising, SaleOfInfo) exist.
-Use ONLY the purposes returned by `consent_list_purposes` for classification.
-
-From the regimes data, determine the most permissive regime (fewest opted-out
-purposes) -- needed for live site investigation.
-
-Present the customer's setup and triage stats, then ask what to triage
-(cookies, data flows, or both) and confirm the batch size (default: 10).
-
-### Phase 2: Fetch Batch
-
-Fetch the next batch of items needing review, sorted by highest traffic:
-
-```
-consent_list_cookies { status: "NEEDS_REVIEW", limit: <batch_size> }
-consent_list_data_flows { status: "NEEDS_REVIEW", limit: <batch_size> }
-```
-
-### Phase 3: Research (Parallel Subagents)
-
-Launch the custom agents in parallel via the Task tool. Cursor will
-auto-delegate to the matching agent based on the task description.
-
-Spawn pattern for a batch of N items:
-
-- **2+ consent-triage-researcher** agents: split items into groups of 3-5,
-  provide each group as a table with id, domain, type, service, occurrences.
-  MUST also pass the customer's available purposes and regime-purpose mapping
-  from Phase 1 so the researcher only recommends valid purposes.
-- **1 consent-triage-inspector** agent: provide all tracker domains + the
-  site URL with regime override parameters
-
-All agents run as background tasks (`is_background: true`) in parallel.
-
-IMPORTANT: The bundle name (e.g. "acme-platform") may be a platform
-provider, not the actual site with trackers. If the main domain is a corporate
-page, find a real client site from the homepage and use that instead.
-
-### Phase 4: Present Findings
-
-Present all research results in review tables. See the `consent-triage`
-MCP prompt for the recommended presentation format.
-
-Ask the user to confirm, modify, or reject each recommendation before
-proceeding.
-
-### Phase 5: Push Classifications
-
-For confirmed items, update Transcend using the MCP tools:
-
-- `consent_update_data_flows` / `consent_update_cookies` for individual updates with notes
-- `consent_bulk_triage` for bulk approve or junk
-
-After pushing, report what was updated and show remaining triage count.
-
-### Phase 6: Loop
-
-Ask the user if they want to continue with the next batch. Repeat from Phase 2
-until the backlog is cleared or the user stops.
+MCP resources (live from docs.transcend.io) provide reference material on
+tracking purposes, triage workflow, debugging, and telemetry.
diff --git a/.cursor/skills/consent-triage/docs-reference.md b/.cursor/skills/consent-triage/docs-reference.md
deleted file mode 100644
index a6a827a6..00000000
--- a/.cursor/skills/consent-triage/docs-reference.md
+++ /dev/null
@@ -1,49 +0,0 @@
-# Transcend Consent Documentation Reference
-
-Read these docs before beginning a triage session to understand the full context.
-
-## Key Documentation Links
-
-| Doc                           | URL                                                                                                         | When to Read                       |
-| ----------------------------- | ----------------------------------------------------------------------------------------------------------- | ---------------------------------- |
-| Triage Guide                  | https://docs.transcend.io/docs/articles/consent-management/configuration/triage-cookies-and-dataflows-guide | Before starting any triage         |
-| Debugging & Testing           | https://docs.transcend.io/docs/articles/consent-management/reference/debugging-and-testing                  | Before live site investigation     |
-| Troubleshooting               | https://docs.transcend.io/docs/articles/consent-management/reference/troubleshoot-consent                   | When investigation hits issues     |
-| Data Flows & Cookies Overview | https://docs.transcend.io/docs/articles/consent-management/concepts/data-flows-and-cookies                  | Background on how telemetry works  |
-| Tracking Purposes             | https://docs.transcend.io/docs/articles/consent-management/concepts/tracking-purposes                       | Understanding purpose taxonomy     |
-| Regional Experiences          | https://docs.transcend.io/docs/articles/consent-management/configuration/regional-experiences               | Understanding regime configuration |
-| Telemetry Overview            | https://docs.transcend.io/docs/articles/consent-management/configuration/telemetry-overview                 | How trackers are discovered        |
-
-## MCP Tools Quick Reference
-
-All tools auto-resolve the airgap bundle ID from the API key. You never need
-to pass `airgap_bundle_id`.
-
-### Read-only (safe to call anytime)
-
-- `consent_list_airgap_bundles` -- get consent manager info (bundle ID, URLs, config)
-- `consent_get_triage_stats` -- backlog overview (supports `show_zero_activity` filter)
-- `consent_list_purposes` -- available tracking purposes
-- `consent_list_regimes` -- consent experiences with regions, purposes, opted-out purposes
-- `consent_list_cookies { status: "NEEDS_REVIEW" }` -- cookies needing review (paginated)
-- `consent_list_cookies { status: "LIVE" }` -- approved cookies
-- `consent_list_data_flows { status: "NEEDS_REVIEW" }` -- data flows needing review (paginated)
-- `consent_list_data_flows { status: "LIVE" }` -- approved data flows
-
-### Write (require user confirmation before calling)
-
-- `consent_update_cookies` -- update individual cookies (purposes, description, status, service)
-- `consent_update_data_flows` -- update individual data flows
-- `consent_bulk_triage` -- bulk approve or junk multiple items at once
-
-## Additional Reference
-
-For detailed investigation methodology, research steps, console commands,
-URL override parameters, and classification guidance, use the MCP prompts
-and resources registered in the consent server:
-
-- `consent-inspect-site` prompt -- URL overrides, console commands, JS evaluation snippets
-- `consent-research-tracker` prompt -- CMP databases, research methodology
-
-MCP resources fetch live content from the docs links above with static fallback.
-Use `FetchMcpResource` to pull any of them into context.

From d731b1214eb145b2a0902239980c9ba24e87a56f Mon Sep 17 00:00:00 2001
From: Michael Farrell <mike@transcend.io>
Date: Thu, 9 Apr 2026 18:28:12 -0700
Subject: [PATCH 10/12] FIES

---
 .cursor/skills/graphql-introspect/SKILL.md    | 152 ++++++++++++++++++
 .../mcp/mcp-server-admin/src/tools/index.ts   |   7 +-
 .../mcp/mcp-server-admin/tests/admin.test.ts  |   6 +-
 .../src/clients/graphql/base.ts               |  42 +++++
 packages/mcp/mcp-server-core/src/index.ts     |   1 +
 .../src/tools/graphql-introspect.ts           |  69 ++++++++
 6 files changed, 274 insertions(+), 3 deletions(-)
 create mode 100644 .cursor/skills/graphql-introspect/SKILL.md
 create mode 100644 packages/mcp/mcp-server-core/src/tools/graphql-introspect.ts

diff --git a/.cursor/skills/graphql-introspect/SKILL.md b/.cursor/skills/graphql-introspect/SKILL.md
new file mode 100644
index 00000000..5642897a
--- /dev/null
+++ b/.cursor/skills/graphql-introspect/SKILL.md
@@ -0,0 +1,152 @@
+---
+name: graphql-introspect
+description: >-
+  Validate and audit GraphQL queries against the live Transcend API schema.
+  Use when adding or modifying GQL definitions in the SDK, when MCP tools fail
+  with GRAPHQL_VALIDATION_FAILED errors, or when auditing schema drift.
+---
+
+# GraphQL Schema Validation
+
+Validate GraphQL queries against the live Transcend API schema using the
+`graphql_introspect` MCP tool. This tool sends queries to the API and reports
+schema validation errors without executing them.
+
+## When to Use
+
+- Before adding new fields to GQL query/mutation strings
+- Before adding new arguments to existing queries
+- When an MCP tool call fails with `GRAPHQL_VALIDATION_FAILED`
+- When auditing existing GQL definitions for schema drift
+- When extending TypeScript response interfaces with new fields
+
+## The Tool
+
+`graphql_introspect` is registered on the **transcend-admin** MCP server
+(`project-0-tools-transcend-admin`). It accepts a `query` string and optional
+`variables`, sends them to the live API, and returns structured validation
+results.
+
+### Parameters
+
+| Parameter   | Type   | Description                                        |
+| ----------- | ------ | -------------------------------------------------- |
+| `query`     | string | The GraphQL query/mutation string to validate      |
+| `variables` | object | Optional dummy variables for parameterized queries |
+
+### Response Shape
+
+```json
+{
+  "valid": true | false,
+  "validationErrors": [{ "message": "...", "locations": [...] }],
+  "executionErrors": ["..."],
+  "note": "..."
+}
+```
+
+- `valid: false` + `validationErrors` = schema mismatch (fields/args/types wrong)
+- `valid: true` + `executionErrors` = schema is fine, runtime errors from dummy vars
+- `valid: true` + `note` = everything passed
+
+## Validation Workflow
+
+### 1. Validate a Single Query
+
+Send the exact query string from the codebase:
+
+```
+graphql_introspect {
+  query: "query Test($input: AirgapBundleInput!, $first: Int!) { dataFlows(input: $input, first: $first, offset: 0) { totalCount nodes { id value } } }"
+}
+```
+
+If `valid: false`, the `validationErrors` will say exactly what's wrong, e.g.:
+
+- `Cannot query field "pageInfo" on type "DataFlowsPayload"`
+- `Unknown argument "filterBy" on field "Query.cookieStats"`
+
+### 2. Check if a Field Exists
+
+To check whether a specific field exists on a type, include it in a minimal
+query and see if validation passes:
+
+```
+graphql_introspect {
+  query: "query Test($input: AirgapBundleInput!) { cookieStats(input: $input) { liveCount needReviewCount junkCount newFieldName } }"
+}
+```
+
+### 3. Check if an Argument Exists
+
+```
+graphql_introspect {
+  query: "query Test($input: AirgapBundleInput!, $filterBy: CookiesFiltersInput) { cookieStats(input: $input, filterBy: $filterBy) { liveCount } }"
+}
+```
+
+## Extending GQL Definitions
+
+When adding new fields or arguments to the SDK's GraphQL definitions, follow
+this sequence:
+
+### Step 1: Validate the New Field/Argument
+
+Use `graphql_introspect` to confirm the field or argument exists in the live
+schema before writing any code.
+
+### Step 2: Update the GQL String
+
+Edit the query/mutation constant in `packages/sdk/src/consent/gqls/`. Add the
+new field to the selection set or the new argument to the variable definitions.
+
+### Step 3: Update the TypeScript Interface
+
+Add the corresponding property to the response interface in the same file.
+Every property must have a `/** JSDoc */` comment per project rules.
+
+### Step 4: Update the Tool Handler
+
+If the new field is user-facing, update the MCP tool handler in
+`packages/mcp/mcp-server-consent/src/tools/` to expose it.
+
+### Step 5: Build and Test
+
+```bash
+pnpm run --dir packages/sdk build
+pnpm run --dir packages/mcp/mcp-server-consent build
+pnpm run --dir packages/mcp/mcp-server-consent test
+```
+
+## Full Audit Workflow
+
+To audit all GQL definitions for schema drift:
+
+1. Read each file in `packages/sdk/src/consent/gqls/`
+2. Extract each `gql` tagged template string
+3. Send each to `graphql_introspect` (batch in parallel where possible)
+4. Collect any `valid: false` results
+5. Fix the GQL strings and TypeScript interfaces
+6. Rebuild and re-test
+
+### Files to Audit
+
+| File                       | Queries/Mutations                                                           |
+| -------------------------- | --------------------------------------------------------------------------- |
+| `cookies.ts`               | `COOKIES`, `UPDATE_OR_CREATE_COOKIES`, `DELETE_COOKIES`                     |
+| `dataFlows.ts`             | `DATA_FLOWS`, `CREATE_DATA_FLOWS`, `UPDATE_DATA_FLOWS`, `DELETE_DATA_FLOWS` |
+| `experiences.ts`           | `EXPERIENCES`, `UPDATE_CONSENT_EXPERIENCE`, `CREATE_CONSENT_EXPERIENCE`     |
+| `purposes.ts`              | `PURPOSES`                                                                  |
+| `stats.ts`                 | `COOKIE_STATS`, `DATA_FLOW_STATS`                                           |
+| `partitions.ts`            | `CONSENT_PARTITIONS`, `CREATE_CONSENT_PARTITION`                            |
+| `consentManager.ts`        | `FETCH_CONSENT_MANAGER`, `FETCH_CONSENT_MANAGER_ID`, etc.                   |
+| `consentManagerMetrics.ts` | `CONSENT_MANAGER_ANALYTICS_DATA`                                            |
+| `policy.ts`                | `POLICIES`, `UPDATE_POLICIES`                                               |
+| `privacyCenter.ts`         | `PRIVACY_CENTER`, `FETCH_PRIVACY_CENTER_ID`, etc.                           |
+| `processingPurpose.ts`     | `PROCESSING_PURPOSE_SUB_CATEGORIES`, etc.                                   |
+
+## Key Directories
+
+- GQL definitions: `packages/sdk/src/consent/gqls/`
+- MCP tool handlers: `packages/mcp/mcp-server-consent/src/tools/`
+- GraphQL client: `packages/mcp/mcp-server-core/src/clients/graphql/base.ts`
diff --git a/packages/mcp/mcp-server-admin/src/tools/index.ts b/packages/mcp/mcp-server-admin/src/tools/index.ts
index b4cbffa9..357403b1 100644
--- a/packages/mcp/mcp-server-admin/src/tools/index.ts
+++ b/packages/mcp/mcp-server-admin/src/tools/index.ts
@@ -1,4 +1,8 @@
-import type { ToolDefinition, ToolClients } from '@transcend-io/mcp-server-core';
+import {
+  createGraphqlIntrospectTool,
+  type ToolDefinition,
+  type ToolClients,
+} from '@transcend-io/mcp-server-core';
 
 import { createAdminCreateApiKeyTool } from './admin_create_api_key.js';
 import { createAdminGetCurrentUserTool } from './admin_get_current_user.js';
@@ -19,5 +23,6 @@ export function getAdminTools(clients: ToolClients): ToolDefinition[] {
     createAdminCreateApiKeyTool(clients),
     createAdminGetPrivacyCenterTool(clients),
     createAdminTestConnectionTool(clients),
+    createGraphqlIntrospectTool(clients.graphql),
   ];
 }
diff --git a/packages/mcp/mcp-server-admin/tests/admin.test.ts b/packages/mcp/mcp-server-admin/tests/admin.test.ts
index f88c7dfb..5b7dfad6 100644
--- a/packages/mcp/mcp-server-admin/tests/admin.test.ts
+++ b/packages/mcp/mcp-server-admin/tests/admin.test.ts
@@ -11,6 +11,7 @@ const EXPECTED_TOOL_NAMES = [
   'admin_create_api_key',
   'admin_get_privacy_center',
   'admin_test_connection',
+  'graphql_introspect',
 ] as const;
 
 describe('Admin Tools', () => {
@@ -42,6 +43,7 @@ describe('Admin Tools', () => {
       getPrivacyCenter: vi.fn(),
       testConnection: vi.fn(),
       getBaseUrl: vi.fn().mockReturnValue('https://api.transcend.io'),
+      validateQuery: vi.fn(),
     };
     mockRest = {
       testConnection: vi.fn(),
@@ -55,9 +57,9 @@ describe('Admin Tools', () => {
       graphql: mockGraphql,
     });
 
-  it('registers exactly 8 tools with expected names', () => {
+  it(`registers exactly ${EXPECTED_TOOL_NAMES.length} tools with expected names`, () => {
     const tools = getTools();
-    expect(tools).toHaveLength(8);
+    expect(tools).toHaveLength(EXPECTED_TOOL_NAMES.length);
     expect(tools.map((t) => t.name)).toEqual([...EXPECTED_TOOL_NAMES]);
   });
 
diff --git a/packages/mcp/mcp-server-core/src/clients/graphql/base.ts b/packages/mcp/mcp-server-core/src/clients/graphql/base.ts
index ca3e8a76..8822d57c 100644
--- a/packages/mcp/mcp-server-core/src/clients/graphql/base.ts
+++ b/packages/mcp/mcp-server-core/src/clients/graphql/base.ts
@@ -175,6 +175,48 @@ export class TranscendGraphQLBase {
     throw lastError || new Error('GraphQL request failed after all retries');
   }
 
+  /**
+   * Send a query to the server and return the raw response including any
+   * validation errors, without throwing. Useful for schema validation probes
+   * where we want to inspect GRAPHQL_VALIDATION_FAILED errors.
+   */
+  async validateQuery(
+    query: string,
+    variables?: Record<string, unknown>,
+  ): Promise<{
+    /** Response data, if any */
+    data?: unknown;
+    /** GraphQL errors from the server */
+    errors?: Array<{
+      /** Error message */
+      message: string;
+      /** Source locations in the query */
+      locations?: Array<{
+        /** Line number */
+        line: number;
+        /** Column number */
+        column: number;
+      }>;
+      /** Error extensions (contains code, validationErrorCode, etc.) */
+      extensions?: Record<string, unknown>;
+    }>;
+  }> {
+    await this.rateLimitWait();
+    const url = `${this.baseUrl}/graphql`;
+
+    const response = await fetch(url, {
+      method: 'POST',
+      headers: {
+        Authorization: `Bearer ${this.apiKey}`,
+        'Content-Type': 'application/json',
+        Accept: 'application/json',
+      },
+      body: JSON.stringify({ query, variables: variables ?? {} }),
+    });
+
+    return (await response.json()) as any;
+  }
+
   async testConnection(): Promise<boolean> {
     try {
       await this.makeRequest<{ __typename: string }>('query { __typename }');
diff --git a/packages/mcp/mcp-server-core/src/index.ts b/packages/mcp/mcp-server-core/src/index.ts
index b4c35bf8..2e0dca94 100644
--- a/packages/mcp/mcp-server-core/src/index.ts
+++ b/packages/mcp/mcp-server-core/src/index.ts
@@ -21,6 +21,7 @@ export type {
 export type { ResourceDefinition } from './resources/types.js';
 
 export { createToolResult, createErrorResult, createListResult, groupBy } from './tools/helpers.js';
+export { createGraphqlIntrospectTool } from './tools/graphql-introspect.js';
 
 export { createMCPServer } from './server/create-server.js';
 export type { MCPServerOptions } from './server/create-server.js';
diff --git a/packages/mcp/mcp-server-core/src/tools/graphql-introspect.ts b/packages/mcp/mcp-server-core/src/tools/graphql-introspect.ts
new file mode 100644
index 00000000..f86bbe71
--- /dev/null
+++ b/packages/mcp/mcp-server-core/src/tools/graphql-introspect.ts
@@ -0,0 +1,69 @@
+import { z } from 'zod';
+
+import type { TranscendGraphQLBase } from '../clients/graphql/base.js';
+import { createToolResult } from './helpers.js';
+import { defineTool } from './types.js';
+
+export const GraphqlIntrospectSchema = z.object({
+  query: z
+    .string()
+    .describe(
+      'A GraphQL query or mutation string to validate against the live schema. ' +
+        'The server will return GRAPHQL_VALIDATION_FAILED errors listing exactly ' +
+        'which fields, arguments, or types are invalid. Use dummy variable values ' +
+        'since the goal is schema validation, not data fetching.',
+    ),
+  variables: z
+    .record(z.string(), z.unknown())
+    .optional()
+    .describe('Optional variables to send with the query (use minimal dummy values).'),
+});
+
+export function createGraphqlIntrospectTool(graphql: TranscendGraphQLBase) {
+  return defineTool({
+    name: 'graphql_introspect',
+    description:
+      'Validate a GraphQL query against the live Transcend API schema. ' +
+      'Sends the query and reports whether it passes schema validation. ' +
+      'On failure, returns the exact validation errors (unknown fields, invalid arguments, type mismatches). ' +
+      'Use this to audit GQL definitions or verify new fields/arguments before adding them.',
+    category: 'Schema',
+    readOnly: true,
+    annotations: { readOnlyHint: true, destructiveHint: false, idempotentHint: true },
+    zodSchema: GraphqlIntrospectSchema,
+    handler: async ({ query, variables }) => {
+      const result = await graphql.validateQuery(query, variables);
+
+      if (result.errors?.length) {
+        const validationErrors = result.errors.filter(
+          (e) => e.extensions?.code === 'GRAPHQL_VALIDATION_FAILED',
+        );
+        const otherErrors = result.errors.filter(
+          (e) => e.extensions?.code !== 'GRAPHQL_VALIDATION_FAILED',
+        );
+
+        if (validationErrors.length > 0) {
+          return createToolResult(true, {
+            valid: false,
+            validationErrors: validationErrors.map((e) => ({
+              message: e.message,
+              locations: e.locations,
+            })),
+            ...(otherErrors.length > 0 ? { otherErrors: otherErrors.map((e) => e.message) } : {}),
+          });
+        }
+
+        return createToolResult(true, {
+          valid: true,
+          note: 'Schema valid. Execution errors are expected with dummy variables.',
+          executionErrors: otherErrors.map((e) => e.message),
+        });
+      }
+
+      return createToolResult(true, {
+        valid: true,
+        note: 'Query passed schema validation and executed successfully.',
+      });
+    },
+  });
+}

From 432944e789aa4d3febb6066118cf53a64d30f815 Mon Sep 17 00:00:00 2001
From: Michael Farrell <mike@transcend.io>
Date: Thu, 9 Apr 2026 18:29:35 -0700
Subject: [PATCH 11/12] FIES

---
 packages/mcp/mcp-server/tests/umbrella-tool-count.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/mcp/mcp-server/tests/umbrella-tool-count.ts b/packages/mcp/mcp-server/tests/umbrella-tool-count.ts
index 17d7fb39..4a0c72b4 100644
--- a/packages/mcp/mcp-server/tests/umbrella-tool-count.ts
+++ b/packages/mcp/mcp-server/tests/umbrella-tool-count.ts
@@ -2,4 +2,4 @@
  * Single source of truth for the expected number of tools in the umbrella server.
  * Update this constant when tools are added or removed from any domain package.
  */
-export const EXPECTED_UMBRELLA_TOOL_COUNT = 70;
+export const EXPECTED_UMBRELLA_TOOL_COUNT = 71;

From 44ca099f43b26041d82cf388bd1907eeeb3b859f Mon Sep 17 00:00:00 2001
From: Michael Farrell <mike@transcend.io>
Date: Thu, 9 Apr 2026 18:39:49 -0700
Subject: [PATCH 12/12] refactor: remove graphql_introspect tool (moved to
 separate PR #85)

---
 .cursor/skills/graphql-introspect/SKILL.md    | 152 ------------------
 .../mcp/mcp-server-admin/src/tools/index.ts   |   7 +-
 .../mcp/mcp-server-admin/tests/admin.test.ts  |   6 +-
 .../src/clients/graphql/base.ts               |  42 -----
 packages/mcp/mcp-server-core/src/index.ts     |   1 -
 .../src/tools/graphql-introspect.ts           |  69 --------
 .../mcp-server/tests/umbrella-tool-count.ts   |   2 +-
 7 files changed, 4 insertions(+), 275 deletions(-)
 delete mode 100644 .cursor/skills/graphql-introspect/SKILL.md
 delete mode 100644 packages/mcp/mcp-server-core/src/tools/graphql-introspect.ts

diff --git a/.cursor/skills/graphql-introspect/SKILL.md b/.cursor/skills/graphql-introspect/SKILL.md
deleted file mode 100644
index 5642897a..00000000
--- a/.cursor/skills/graphql-introspect/SKILL.md
+++ /dev/null
@@ -1,152 +0,0 @@
----
-name: graphql-introspect
-description: >-
-  Validate and audit GraphQL queries against the live Transcend API schema.
-  Use when adding or modifying GQL definitions in the SDK, when MCP tools fail
-  with GRAPHQL_VALIDATION_FAILED errors, or when auditing schema drift.
----
-
-# GraphQL Schema Validation
-
-Validate GraphQL queries against the live Transcend API schema using the
-`graphql_introspect` MCP tool. This tool sends queries to the API and reports
-schema validation errors without executing them.
-
-## When to Use
-
-- Before adding new fields to GQL query/mutation strings
-- Before adding new arguments to existing queries
-- When an MCP tool call fails with `GRAPHQL_VALIDATION_FAILED`
-- When auditing existing GQL definitions for schema drift
-- When extending TypeScript response interfaces with new fields
-
-## The Tool
-
-`graphql_introspect` is registered on the **transcend-admin** MCP server
-(`project-0-tools-transcend-admin`). It accepts a `query` string and optional
-`variables`, sends them to the live API, and returns structured validation
-results.
-
-### Parameters
-
-| Parameter   | Type   | Description                                        |
-| ----------- | ------ | -------------------------------------------------- |
-| `query`     | string | The GraphQL query/mutation string to validate      |
-| `variables` | object | Optional dummy variables for parameterized queries |
-
-### Response Shape
-
-```json
-{
-  "valid": true | false,
-  "validationErrors": [{ "message": "...", "locations": [...] }],
-  "executionErrors": ["..."],
-  "note": "..."
-}
-```
-
-- `valid: false` + `validationErrors` = schema mismatch (fields/args/types wrong)
-- `valid: true` + `executionErrors` = schema is fine, runtime errors from dummy vars
-- `valid: true` + `note` = everything passed
-
-## Validation Workflow
-
-### 1. Validate a Single Query
-
-Send the exact query string from the codebase:
-
-```
-graphql_introspect {
-  query: "query Test($input: AirgapBundleInput!, $first: Int!) { dataFlows(input: $input, first: $first, offset: 0) { totalCount nodes { id value } } }"
-}
-```
-
-If `valid: false`, the `validationErrors` will say exactly what's wrong, e.g.:
-
-- `Cannot query field "pageInfo" on type "DataFlowsPayload"`
-- `Unknown argument "filterBy" on field "Query.cookieStats"`
-
-### 2. Check if a Field Exists
-
-To check whether a specific field exists on a type, include it in a minimal
-query and see if validation passes:
-
-```
-graphql_introspect {
-  query: "query Test($input: AirgapBundleInput!) { cookieStats(input: $input) { liveCount needReviewCount junkCount newFieldName } }"
-}
-```
-
-### 3. Check if an Argument Exists
-
-```
-graphql_introspect {
-  query: "query Test($input: AirgapBundleInput!, $filterBy: CookiesFiltersInput) { cookieStats(input: $input, filterBy: $filterBy) { liveCount } }"
-}
-```
-
-## Extending GQL Definitions
-
-When adding new fields or arguments to the SDK's GraphQL definitions, follow
-this sequence:
-
-### Step 1: Validate the New Field/Argument
-
-Use `graphql_introspect` to confirm the field or argument exists in the live
-schema before writing any code.
-
-### Step 2: Update the GQL String
-
-Edit the query/mutation constant in `packages/sdk/src/consent/gqls/`. Add the
-new field to the selection set or the new argument to the variable definitions.
-
-### Step 3: Update the TypeScript Interface
-
-Add the corresponding property to the response interface in the same file.
-Every property must have a `/** JSDoc */` comment per project rules.
-
-### Step 4: Update the Tool Handler
-
-If the new field is user-facing, update the MCP tool handler in
-`packages/mcp/mcp-server-consent/src/tools/` to expose it.
-
-### Step 5: Build and Test
-
-```bash
-pnpm run --dir packages/sdk build
-pnpm run --dir packages/mcp/mcp-server-consent build
-pnpm run --dir packages/mcp/mcp-server-consent test
-```
-
-## Full Audit Workflow
-
-To audit all GQL definitions for schema drift:
-
-1. Read each file in `packages/sdk/src/consent/gqls/`
-2. Extract each `gql` tagged template string
-3. Send each to `graphql_introspect` (batch in parallel where possible)
-4. Collect any `valid: false` results
-5. Fix the GQL strings and TypeScript interfaces
-6. Rebuild and re-test
-
-### Files to Audit
-
-| File                       | Queries/Mutations                                                           |
-| -------------------------- | --------------------------------------------------------------------------- |
-| `cookies.ts`               | `COOKIES`, `UPDATE_OR_CREATE_COOKIES`, `DELETE_COOKIES`                     |
-| `dataFlows.ts`             | `DATA_FLOWS`, `CREATE_DATA_FLOWS`, `UPDATE_DATA_FLOWS`, `DELETE_DATA_FLOWS` |
-| `experiences.ts`           | `EXPERIENCES`, `UPDATE_CONSENT_EXPERIENCE`, `CREATE_CONSENT_EXPERIENCE`     |
-| `purposes.ts`              | `PURPOSES`                                                                  |
-| `stats.ts`                 | `COOKIE_STATS`, `DATA_FLOW_STATS`                                           |
-| `partitions.ts`            | `CONSENT_PARTITIONS`, `CREATE_CONSENT_PARTITION`                            |
-| `consentManager.ts`        | `FETCH_CONSENT_MANAGER`, `FETCH_CONSENT_MANAGER_ID`, etc.                   |
-| `consentManagerMetrics.ts` | `CONSENT_MANAGER_ANALYTICS_DATA`                                            |
-| `policy.ts`                | `POLICIES`, `UPDATE_POLICIES`                                               |
-| `privacyCenter.ts`         | `PRIVACY_CENTER`, `FETCH_PRIVACY_CENTER_ID`, etc.                           |
-| `processingPurpose.ts`     | `PROCESSING_PURPOSE_SUB_CATEGORIES`, etc.                                   |
-
-## Key Directories
-
-- GQL definitions: `packages/sdk/src/consent/gqls/`
-- MCP tool handlers: `packages/mcp/mcp-server-consent/src/tools/`
-- GraphQL client: `packages/mcp/mcp-server-core/src/clients/graphql/base.ts`
diff --git a/packages/mcp/mcp-server-admin/src/tools/index.ts b/packages/mcp/mcp-server-admin/src/tools/index.ts
index 357403b1..b4cbffa9 100644
--- a/packages/mcp/mcp-server-admin/src/tools/index.ts
+++ b/packages/mcp/mcp-server-admin/src/tools/index.ts
@@ -1,8 +1,4 @@
-import {
-  createGraphqlIntrospectTool,
-  type ToolDefinition,
-  type ToolClients,
-} from '@transcend-io/mcp-server-core';
+import type { ToolDefinition, ToolClients } from '@transcend-io/mcp-server-core';
 
 import { createAdminCreateApiKeyTool } from './admin_create_api_key.js';
 import { createAdminGetCurrentUserTool } from './admin_get_current_user.js';
@@ -23,6 +19,5 @@ export function getAdminTools(clients: ToolClients): ToolDefinition[] {
     createAdminCreateApiKeyTool(clients),
     createAdminGetPrivacyCenterTool(clients),
     createAdminTestConnectionTool(clients),
-    createGraphqlIntrospectTool(clients.graphql),
   ];
 }
diff --git a/packages/mcp/mcp-server-admin/tests/admin.test.ts b/packages/mcp/mcp-server-admin/tests/admin.test.ts
index 5b7dfad6..f88c7dfb 100644
--- a/packages/mcp/mcp-server-admin/tests/admin.test.ts
+++ b/packages/mcp/mcp-server-admin/tests/admin.test.ts
@@ -11,7 +11,6 @@ const EXPECTED_TOOL_NAMES = [
   'admin_create_api_key',
   'admin_get_privacy_center',
   'admin_test_connection',
-  'graphql_introspect',
 ] as const;
 
 describe('Admin Tools', () => {
@@ -43,7 +42,6 @@ describe('Admin Tools', () => {
       getPrivacyCenter: vi.fn(),
       testConnection: vi.fn(),
       getBaseUrl: vi.fn().mockReturnValue('https://api.transcend.io'),
-      validateQuery: vi.fn(),
     };
     mockRest = {
       testConnection: vi.fn(),
@@ -57,9 +55,9 @@ describe('Admin Tools', () => {
       graphql: mockGraphql,
     });
 
-  it(`registers exactly ${EXPECTED_TOOL_NAMES.length} tools with expected names`, () => {
+  it('registers exactly 8 tools with expected names', () => {
     const tools = getTools();
-    expect(tools).toHaveLength(EXPECTED_TOOL_NAMES.length);
+    expect(tools).toHaveLength(8);
     expect(tools.map((t) => t.name)).toEqual([...EXPECTED_TOOL_NAMES]);
   });
 
diff --git a/packages/mcp/mcp-server-core/src/clients/graphql/base.ts b/packages/mcp/mcp-server-core/src/clients/graphql/base.ts
index 8822d57c..ca3e8a76 100644
--- a/packages/mcp/mcp-server-core/src/clients/graphql/base.ts
+++ b/packages/mcp/mcp-server-core/src/clients/graphql/base.ts
@@ -175,48 +175,6 @@ export class TranscendGraphQLBase {
     throw lastError || new Error('GraphQL request failed after all retries');
   }
 
-  /**
-   * Send a query to the server and return the raw response including any
-   * validation errors, without throwing. Useful for schema validation probes
-   * where we want to inspect GRAPHQL_VALIDATION_FAILED errors.
-   */
-  async validateQuery(
-    query: string,
-    variables?: Record<string, unknown>,
-  ): Promise<{
-    /** Response data, if any */
-    data?: unknown;
-    /** GraphQL errors from the server */
-    errors?: Array<{
-      /** Error message */
-      message: string;
-      /** Source locations in the query */
-      locations?: Array<{
-        /** Line number */
-        line: number;
-        /** Column number */
-        column: number;
-      }>;
-      /** Error extensions (contains code, validationErrorCode, etc.) */
-      extensions?: Record<string, unknown>;
-    }>;
-  }> {
-    await this.rateLimitWait();
-    const url = `${this.baseUrl}/graphql`;
-
-    const response = await fetch(url, {
-      method: 'POST',
-      headers: {
-        Authorization: `Bearer ${this.apiKey}`,
-        'Content-Type': 'application/json',
-        Accept: 'application/json',
-      },
-      body: JSON.stringify({ query, variables: variables ?? {} }),
-    });
-
-    return (await response.json()) as any;
-  }
-
   async testConnection(): Promise<boolean> {
     try {
       await this.makeRequest<{ __typename: string }>('query { __typename }');
diff --git a/packages/mcp/mcp-server-core/src/index.ts b/packages/mcp/mcp-server-core/src/index.ts
index 2e0dca94..b4c35bf8 100644
--- a/packages/mcp/mcp-server-core/src/index.ts
+++ b/packages/mcp/mcp-server-core/src/index.ts
@@ -21,7 +21,6 @@ export type {
 export type { ResourceDefinition } from './resources/types.js';
 
 export { createToolResult, createErrorResult, createListResult, groupBy } from './tools/helpers.js';
-export { createGraphqlIntrospectTool } from './tools/graphql-introspect.js';
 
 export { createMCPServer } from './server/create-server.js';
 export type { MCPServerOptions } from './server/create-server.js';
diff --git a/packages/mcp/mcp-server-core/src/tools/graphql-introspect.ts b/packages/mcp/mcp-server-core/src/tools/graphql-introspect.ts
deleted file mode 100644
index f86bbe71..00000000
--- a/packages/mcp/mcp-server-core/src/tools/graphql-introspect.ts
+++ /dev/null
@@ -1,69 +0,0 @@
-import { z } from 'zod';
-
-import type { TranscendGraphQLBase } from '../clients/graphql/base.js';
-import { createToolResult } from './helpers.js';
-import { defineTool } from './types.js';
-
-export const GraphqlIntrospectSchema = z.object({
-  query: z
-    .string()
-    .describe(
-      'A GraphQL query or mutation string to validate against the live schema. ' +
-        'The server will return GRAPHQL_VALIDATION_FAILED errors listing exactly ' +
-        'which fields, arguments, or types are invalid. Use dummy variable values ' +
-        'since the goal is schema validation, not data fetching.',
-    ),
-  variables: z
-    .record(z.string(), z.unknown())
-    .optional()
-    .describe('Optional variables to send with the query (use minimal dummy values).'),
-});
-
-export function createGraphqlIntrospectTool(graphql: TranscendGraphQLBase) {
-  return defineTool({
-    name: 'graphql_introspect',
-    description:
-      'Validate a GraphQL query against the live Transcend API schema. ' +
-      'Sends the query and reports whether it passes schema validation. ' +
-      'On failure, returns the exact validation errors (unknown fields, invalid arguments, type mismatches). ' +
-      'Use this to audit GQL definitions or verify new fields/arguments before adding them.',
-    category: 'Schema',
-    readOnly: true,
-    annotations: { readOnlyHint: true, destructiveHint: false, idempotentHint: true },
-    zodSchema: GraphqlIntrospectSchema,
-    handler: async ({ query, variables }) => {
-      const result = await graphql.validateQuery(query, variables);
-
-      if (result.errors?.length) {
-        const validationErrors = result.errors.filter(
-          (e) => e.extensions?.code === 'GRAPHQL_VALIDATION_FAILED',
-        );
-        const otherErrors = result.errors.filter(
-          (e) => e.extensions?.code !== 'GRAPHQL_VALIDATION_FAILED',
-        );
-
-        if (validationErrors.length > 0) {
-          return createToolResult(true, {
-            valid: false,
-            validationErrors: validationErrors.map((e) => ({
-              message: e.message,
-              locations: e.locations,
-            })),
-            ...(otherErrors.length > 0 ? { otherErrors: otherErrors.map((e) => e.message) } : {}),
-          });
-        }
-
-        return createToolResult(true, {
-          valid: true,
-          note: 'Schema valid. Execution errors are expected with dummy variables.',
-          executionErrors: otherErrors.map((e) => e.message),
-        });
-      }
-
-      return createToolResult(true, {
-        valid: true,
-        note: 'Query passed schema validation and executed successfully.',
-      });
-    },
-  });
-}
diff --git a/packages/mcp/mcp-server/tests/umbrella-tool-count.ts b/packages/mcp/mcp-server/tests/umbrella-tool-count.ts
index 4a0c72b4..17d7fb39 100644
--- a/packages/mcp/mcp-server/tests/umbrella-tool-count.ts
+++ b/packages/mcp/mcp-server/tests/umbrella-tool-count.ts
@@ -2,4 +2,4 @@
  * Single source of truth for the expected number of tools in the umbrella server.
  * Update this constant when tools are added or removed from any domain package.
  */
-export const EXPECTED_UMBRELLA_TOOL_COUNT = 71;
+export const EXPECTED_UMBRELLA_TOOL_COUNT = 70;