PixelML
diff --git a/‎README.md‎
Lines changed: 8 additions & 6 deletions b/‎README.md‎
Lines changed: 8 additions & 6 deletions
diff --git a/‎scripts/ops_coverage_harness.py‎
Lines changed: 33 additions & 1 deletion b/‎scripts/ops_coverage_harness.py‎
Lines changed: 33 additions & 1 deletion
diff --git a/‎scripts/ops_release_gate.py‎
Lines changed: 35 additions & 2 deletions b/‎scripts/ops_release_gate.py‎
Lines changed: 35 additions & 2 deletions
diff --git a/‎src/agenticflow_cli/main.py‎
Lines changed: 7 additions & 1 deletion b/‎src/agenticflow_cli/main.py‎
Lines changed: 7 additions & 1 deletion
@@ -33,9 +33,11 @@ High-level commands in this section are SDK-driven. `call` is the only raw trans
 
 `public_ops_manifest.json` is MCP-first and policy-lean:
 
-- 26 operations total
-- 18 `supported-executed` (safe/read/query/public wrapper)
-- 8 `supported-blocked-policy` (known side-effectful or risky flows kept for intent visibility only)
+- 33 operations total
+- `support_scope` is user-facing support intent for ranking/discovery.
+- `exposed_to_end_user` controls CLI catalog exposure.
+- `ci_live_execute` controls whether live release coverage executes the operation.
+- CI blocking does not imply end-user CLI blocking.
 
 - Supported by snapshot-backed commands:
   - `catalog export --public-only --json`
@@ -47,10 +49,10 @@ High-level commands in this section are SDK-driven. `call` is the only raw trans
   - `workflow validate --body '{\"nodes\":[]}' --dry-run`
   - `workflow run-status --workflow-run-id <id> --dry-run`
   - `agent get --agent-id <id> --dry-run`
-  - `node-types list --project-id <project_id> --dry-run`
+  - `node-types list --dry-run`
   - `connections list --workspace-id <workspace_id> --project-id <project_id> --dry-run`
   - `get_nodetype_models_v1_node_types__get` and `get_anonymous_messages_v1_agent_threads_anonymous__thread_id__messages_get` are available as anonymous MCP discovery/ops through `call`.
-  - `node-types dynamic-options` and workflow `create/run` are intentionally in `supported-blocked-policy` and must be blocked in automated coverage by default.
+  - Side-effectful operations can still be exposed to end users while remaining `ci_live_execute=false` for safe release gating.
 
 Admin/internal endpoints are intentionally not included in the bundled snapshot.
 
@@ -134,7 +136,7 @@ bash scripts/release_readiness.sh
 
 This validates operation-id mappings, runs unit tests, executes CLI dry-run smoke checks, and verifies the Node wrapper.
 
-Optional live API coverage gate (26-op MCP-first public scope) with real key:
+Optional live API coverage gate (manifest-scoped public surface) with real key:
 
 ```bash
 bash scripts/release_readiness.sh --live-ops-gate --env-file /path/to/.env
 
@@ -318,7 +318,7 @@ def _collect_declared_operations(
     declared: dict[str, dict[str, Any]] = {}
     for record in manifest_records:
         op_id = record["operation_id"]
-        support_scope = _normalize_support_scope(record.get("support_scope"))
+        support_scope = _derive_manifest_support_scope(record)
         support_rationale = str(
             record.get("support_rationale", "No support rationale declared in manifest.")
         )
@@ -346,6 +346,38 @@ def _normalize_support_scope(value: Any) -> str:
     return SUPPORT_SCOPE_ALIASES.get(normalized, SUPPORT_SCOPE_OUT_OF_SCOPE)
 
 
+def _coerce_manifest_bool(value: Any, *, default: bool) -> bool:
+    if isinstance(value, bool):
+        return value
+    if isinstance(value, str):
+        normalized = value.strip().lower()
+        if normalized in {"true", "1", "yes", "y", "on"}:
+            return True
+        if normalized in {"false", "0", "no", "n", "off"}:
+            return False
+    return default
+
+
+def _derive_manifest_support_scope(record: Mapping[str, Any]) -> str:
+    # `support_scope` remains supported for backward compatibility, while
+    # `exposed_to_end_user` + `ci_live_execute` define policy intent.
+    legacy_scope = _normalize_support_scope(record.get("support_scope"))
+    exposed_to_end_user = _coerce_manifest_bool(
+        record.get("exposed_to_end_user"),
+        default=legacy_scope != SUPPORT_SCOPE_UNSUPPORTED,
+    )
+    ci_live_execute = _coerce_manifest_bool(
+        record.get("ci_live_execute"),
+        default=legacy_scope == SUPPORT_SCOPE_EXECUTED,
+    )
+
+    if not exposed_to_end_user:
+        return SUPPORT_SCOPE_UNSUPPORTED
+    if ci_live_execute:
+        return SUPPORT_SCOPE_EXECUTED
+    return SUPPORT_SCOPE_BLOCKED
+
+
 def _first_non_empty(values: Mapping[str, str] | None, *keys: str) -> str | None:
     if values is None:
         return None
 
@@ -51,7 +51,8 @@ def _parse_args() -> argparse.Namespace:
     parser = argparse.ArgumentParser(
         description=(
             "Validate scripts/ops_coverage_harness.py JSON report against release "
-            "expectations derived from the public ops manifest by default."
+            "expectations derived from the public ops manifest "
+            "(prefer `exposed_to_end_user` + `ci_live_execute` when present)."
         )
     )
     parser.add_argument(
@@ -110,6 +111,38 @@ def _normalize_support_scope(value: Any) -> str:
     return SUPPORT_SCOPE_ALIASES.get(normalized, SUPPORT_SCOPE_UNSUPPORTED)
 
 
+def _coerce_manifest_bool(value: Any, *, default: bool) -> bool:
+    if isinstance(value, bool):
+        return value
+    if isinstance(value, str):
+        normalized = value.strip().lower()
+        if normalized in {"true", "1", "yes", "y", "on"}:
+            return True
+        if normalized in {"false", "0", "no", "n", "off"}:
+            return False
+    return default
+
+
+def _derive_manifest_support_scope(record: Mapping[str, Any]) -> str:
+    # Backward compatibility: if boolean fields are absent, derive from legacy
+    # support_scope aliases.
+    legacy_scope = _normalize_support_scope(record.get("support_scope"))
+    exposed_to_end_user = _coerce_manifest_bool(
+        record.get("exposed_to_end_user"),
+        default=legacy_scope != SUPPORT_SCOPE_UNSUPPORTED,
+    )
+    ci_live_execute = _coerce_manifest_bool(
+        record.get("ci_live_execute"),
+        default=legacy_scope == SUPPORT_SCOPE_EXECUTED,
+    )
+
+    if not exposed_to_end_user:
+        return SUPPORT_SCOPE_UNSUPPORTED
+    if ci_live_execute:
+        return SUPPORT_SCOPE_EXECUTED
+    return SUPPORT_SCOPE_BLOCKED
+
+
 def _load_manifest(path: Path) -> list[dict[str, Any]]:
     payload = json.loads(path.read_text(encoding="utf-8"))
     if not isinstance(payload, list):
@@ -125,7 +158,7 @@ def _derive_expected_counts_from_manifest(path: Path) -> dict[str, int]:
     records = _load_manifest(path)
     scope_counts: Counter[str] = Counter()
     for record in records:
-        scope_counts[_normalize_support_scope(record.get("support_scope"))] += 1
+        scope_counts[_derive_manifest_support_scope(record)] += 1
     return {
         "total": len(records),
         "executed": scope_counts[SUPPORT_SCOPE_EXECUTED],
 
@@ -697,7 +697,13 @@ def _apply_curated_manifest_filter(
     manifest_metadata = _manifest_metadata_by_operation_id()
     if not manifest_metadata:
         return operations
-    allowed_operation_ids = set(manifest_metadata)
+    allowed_operation_ids = {
+        operation_id
+        for operation_id, metadata in manifest_metadata.items()
+        if not isinstance(metadata, Mapping)
+        or not isinstance(metadata.get("exposed_to_end_user"), bool)
+        or bool(metadata.get("exposed_to_end_user"))
+    }
     return [
         operation
         for operation in operations