Beyond tools/list
The Audity MCP server (https://app.auditynow.com/api/mcp) exposes three MCP capabilities, tools, prompts, and resources (declared in the server’s initialize response), plus per-tool metadata that rides along with tools/list. This page covers everything except the tools themselves: safety annotations on every tool, the prompt recipe menu, the read-only resource shelf, and structured output for the read tools that declare one.
The server exposes 100+ audity_* tools; the live tools/list response is always the authoritative count and catalog. Any instruction-aware client (Claude, Cursor, and similar) picks these capabilities up automatically, nothing extra to configure beyond the normal connect setup.
Tool safety annotations
Every tool returned bytools/list carries an annotations object with four MCP-standard hints:
The rules a client can rely on:
- Every
audity_get_*andaudity_list_*tool, plusaudity_export_project_json, is a read:readOnlyHint: true,idempotentHint: true,destructiveHint: false,openWorldHint: false. - Every other tool is a write,
readOnlyHint: false. Within writes:destructiveHint: trueonly foraudity_delete_assessment_question,audity_archive_project, andaudity_archive_lead, the three tools that remove something from an active view even though the change is soft/restorable. Every other write isdestructiveHint: false.idempotentHint: truefor everyaudity_update_*tool and foraudity_select_opportunities(re-sending the same selection converges on the same state). Every other write tool (audity_create_*,audity_add_*,audity_enqueue_*,audity_upload_document*, and the rest) isidempotentHint: false.openWorldHint: trueonly foraudity_enqueue_web_researchandaudity_enqueue_prospect_research, the two tools that fetch from the public web. Every other tool, read or write, isopenWorldHint: false.
Prompts
prompts/list returns four ready-to-run recipes; prompts/get renders one into a single user-role message with your arguments interpolated. Each prompt is grounded in the same pipeline order and posture as the Guided Audit Conductor, calling one doesn’t require you to also invoke /audit or any special mode, it’s just a pre-written instruction your agent executes with its normal tool access.
In a client that surfaces MCP prompts as slash commands or a picker, these show up alongside your own custom prompts. Calling one with missing required arguments is a client-side validation error,
prompts/get expects client_name for run-full-audit and project_id for generate-deliverables.
Resources
resources/list returns a read-only “deliverables shelf” built from your own most recent projects, no separate authorization step beyond your normal PAT. Two resource kinds exist per project:
audity://projects/{projectId}/deliverables, listed when the project has a current audit analysis or (fallback) any business analysis.audity://projects/{projectId}/final-report, listed when a compiled final report exists for the project.
mimeType: application/json. The final-report resource intentionally deviates from a plain-text/markdown expectation: report_data is a compiled JSON object (project info plus document/interview/audit analysis sections), never markdown prose, so labeling it application/json is the accurate shape rather than telling a client to render JSON as markdown.
resources/list inspects your 20 most recently updated projects and returns at most 40 resource entries total, so very large workspaces see a recent-first slice, not the full history. resources/read validates the URI (unknown kind, malformed shape, or a non-UUID project ID all fail before any data is fetched) and returns the exact same JSON body the matching tool (audity_get_deliverables or audity_get_final_report) would return for that project, the two surfaces cannot drift apart because they share one code path.
Structured output
14 read tools declare anoutputSchema on their tools/list entry, and their tools/call result carries the same payload twice: once as the usual JSON-stringified content[0].text (for any MCP client), and again as a structuredContent object (for clients that want to validate the result against the tool’s declared outputSchema without re-parsing text). The two are always the identical object, never independently derived.
The 14 tools with a declared outputSchema (as of this writing; the live tools/list response is authoritative for which tools currently declare one):
audity_get_navigation_status, audity_list_projects, audity_get_project_analysis, audity_get_project_opportunities, audity_get_job, audity_list_jobs, audity_list_leads, audity_get_lead, audity_get_credits, audity_get_tier, audity_list_memories, audity_list_project_documents, audity_get_roi_calculations, audity_get_assessment_results.
Every other tool, including audity_get_deliverables, has no outputSchema and no structuredContent. audity_get_deliverables is a deliberate omission: it returns four distinct success shapes depending on project state (business-analysis fallback, full audit view, an auto-degraded summary view, and a success: false “no analysis yet” response that is not an error), so a single schema would either misdescribe most of those branches or be so loose it added no value. Free-form or AI-generated fields inside the 14 declared schemas (job metadata, detailed analysis blobs, ROI calculation inputs/results) are typed as a loose, nullable object rather than a falsely precise shape, a schema-validating client should not reject a valid response just because one of these fields’ internal shape varies.
What’s next
- Guided Audit Conductor →, the
instructionsbrain and pipeline orchestration - Connect with one command →, MCP server setup and the full tool count
- API Reference →, the REST surface for clients without MCP support

