from @maxwellgerber:
Can you provide an example of when this mapping would be useful to reveal to the Client, where the equivalent information wouldn't be part of the existing inputSchema descriptions? Unless the client understands the entire policy orchestration system, I'm not sure that knowing the request mapping is actually that useful. And I know people have concerns about revealing too much about system authz mechanics to agents out of fear that the agent will poke at things it shouldn't. (Oh, I can't make a request in $USD, let me try $CND and see if that goes through.... etc)
from @maxwellgerber:
Can you provide an example of when this mapping would be useful to reveal to the Client, where the equivalent information wouldn't be part of the existing inputSchema descriptions? Unless the client understands the entire policy orchestration system, I'm not sure that knowing the request mapping is actually that useful. And I know people have concerns about revealing too much about system authz mechanics to agents out of fear that the agent will poke at things it shouldn't. (Oh, I can't make a request in $USD, let me try $CND and see if that goes through.... etc)