MCP · read-only V1

Give AI agents production context for your extension.

Connect Codex, Claude, or any compatible agent to extension.report through MCP. The agent can investigate redacted errors and event traces, assess releases, query product analytics, or build reports without receiving a project secret or write access.

Machine-readable version: /docs/mcp.txt

Connect an agent

Give the client one URL. OAuth discovery, public-client registration, sign-in, consent, and token refresh follow standard metadata.

MCP server URL: https://extension.report/mcp
Transport: Streamable HTTP
Authentication: OAuth 2.1 + PKCE

Read analytics

analytics:read

Projects, populations, daily metrics, product usage, breakdowns, and retention.

Read diagnostics

diagnostics:read

Redacted events and errors, installation traces, and release health.

OAuth access is bound to the signed-in user. Every tool call checks that user's current project access and the workspace/project MCP switches. The Free plan includes MCP and keeps its normal retention limit.

Tool surface

Ten focused tools make selection predictable for agents. All are declared read-only, non-destructive, and idempotent.

ToolScopeWhen an agent should use it
get_contextanalytics:readDiscover accessible projects, retention, scopes, and time semantics. Always start here.
get_project_overviewanalytics:readGet installed population, acquisition/churn flows, adoption, yesterday's report, and active alerts.
query_metricsanalytics:readGet exact daily metric series and totals with optional version, country, or browser filters.
query_product_usageanalytics:readDiscover and query custom feature events for product adoption and dashboards.
query_breakdownanalytics:readBreak installs, uninstalls, active installations, or events down by version, country, or browser.
query_retentionanalytics:readGet denominator-backed retention plus weekly retained, resurrected, and churned populations.
search_eventsdiagnostics:readSearch redacted event evidence with filters and opaque pagination.
query_errorsdiagnostics:readGroup SDK error reports by stable fingerprint and inspect affected versions and populations.
get_installation_timelinediagnostics:readInspect a chronological trace for one exact installation id.
get_release_healthdiagnostics:readCompare version rollout, errors, uninstalls, active population, and update lag.

Debug an extension error

An evidence-first path from symptom to a supported correction.

  1. 1

    Discover

    Call get_context and select a project id.

  2. 2

    Triage

    Call get_project_overview, then query_errors for the suspected UTC window.

  3. 3

    Compare

    Use get_release_health to test whether the signal follows a version rollout.

  4. 4

    Trace

    Inspect the minimum useful sample with get_installation_timeline.

  5. 5

    Symbolicate

    Run the doctor locally with your private source map; no source upload is required.

pnpm dlx @extension-report/doctor --symbolicate stack.txt \n  --source-map dist/background.js.map

Source maps and source content remain on the developer's machine. The helper maps returned minified frames locally and performs no network request in symbolication mode.

Data contracts agents must preserve

  • Usage uses occurred_at in UTC; ingestion monitoring uses received_at.
  • Installed, active, and engaged are distinct populations. One visualization uses one window.
  • Every rate needs a numerator, denominator, and reference. Below 50 installed extensions, prefer counts.
  • Plan retention is enforced server-side and reported in response metadata. Absence outside that range is unknown, not zero.
  • SDK error reports are fingerprint-deduplicated; report count is not an exception-occurrence counter.

Security boundaries

  • No V1 tool can mutate product or account state.
  • Diagnostics redact secret-like keys, authorization material, cookies, response bodies, and oversized nested content.
  • Analytics and diagnostics have separate permissions and rate limits.
  • Audit rows record identity, client, project, tool, status, duration, and row count—not arguments or results.
  • Connections can be revoked and MCP can be disabled globally, by workspace, or by project.

Build dashboards and operating reports

The same surface supports recurring reporting without exposing raw credentials.

Start with get_project_overview, establish one UTC period, then select only the required series, usage events, breakdowns, and retention evidence. State the period, population, retention limit, and confidence alongside the result.

The server also exposes the prompts build-analytics-dashboard and write-executive-report, plus a resource describing each project's current capabilities.