[comp] Production Deploy

apps/mcp-server/.speakeasy/gen.yaml

@@ -38,6 +38,7 @@ mcp-typescript:
     peerDependencies: {}
   advancedFlags: []
   author: Comp AI
+  baseErrorName: CompAiError
   cloudflareEnabled: false
   envVarPrefix: COMPAI
   fixEnumNameSanitization: false

apps/mcp-server/.speakeasy/workflow.lock

@@ -0,0 +1,34 @@
+speakeasyVersion: 1.768.2
+sources:
+    Comp AI API:
+        sourceNamespace: comp-ai-api
+        sourceRevisionDigest: sha256:b302e5300e40d0fab3877a0e5b05f1f6e2cb6e8f49feb04bf63ceae6ca1cad2e
+        sourceBlobDigest: sha256:52e0508a584fd65b385c007c981b9a37de6d514edbb7fa29be203c7c944c197c
+        tags:
+            - latest
+            - "1.0"
+targets:
+    comp-ai:
+        source: Comp AI API
+        sourceNamespace: comp-ai-api
+        sourceRevisionDigest: sha256:b302e5300e40d0fab3877a0e5b05f1f6e2cb6e8f49feb04bf63ceae6ca1cad2e
+        sourceBlobDigest: sha256:52e0508a584fd65b385c007c981b9a37de6d514edbb7fa29be203c7c944c197c
+workflow:
+    workflowVersion: 1.0.0
+    speakeasyVersion: latest
+    sources:
+        Comp AI API:
+            inputs:
+                - location: ../../packages/docs/openapi.json
+            overlays:
+                - location: ./.speakeasy/mcp-uploads-overlay.yaml
+            output: .speakeasy/out.openapi.yaml
+            registry:
+                location: registry.speakeasyapi.dev/comp-ai-ntv/comp-ai/comp-ai-api
+    targets:
+        comp-ai:
+            target: mcp-typescript
+            source: Comp AI API
+            publish:
+                npm:
+                    token: $npm_token

apps/mcp-server/README.md

@@ -27,14 +27,12 @@ Comp AI API: Compliance automation API for SOC 2, ISO 27001, HIPAA, GDPR, eviden
 <!-- Start Installation [installation] -->
 ## Installation
 
-> [!TIP]
-> To finish publishing your MCP Server to npm and others you must [run your first generation action](https://www.speakeasy.com/docs/github-setup#step-by-step-guide).
 <details>
 <summary>Claude Desktop</summary>
 
-Install the MCP server as a Desktop Extension using the pre-built [`mcp-server.mcpb`](./mcp-server.mcpb) file:
+Install the MCP server as a Desktop Extension using the pre-built [`mcp-server.mcpb`](https://github.com/trycompai/comp/releases/download/v0.0.1/mcp-server.mcpb) file:
 
-Simply drag and drop the [`mcp-server.mcpb`](./mcp-server.mcpb) file onto Claude Desktop to install the extension.
+Simply drag and drop the [`mcp-server.mcpb`](https://github.com/trycompai/comp/releases/download/v0.0.1/mcp-server.mcpb) file onto Claude Desktop to install the extension.
 
 The MCP bundle package includes the MCP server and all necessary configuration. Once installed, the server will be available without additional setup.
 

apps/mcp-server/RELEASES.md

@@ -0,0 +1,9 @@
+
+
+## 2026-05-28 19:52:17
+### Changes
+Based on:
+- OpenAPI Doc  
+- Speakeasy CLI 1.768.2 (2.889.1) https://github.com/speakeasy-api/speakeasy
+### Generated
+- [mcp-typescript v0.0.1] apps/mcp-server

apps/mcp-server/manifest.json

@@ -318,7 +318,7 @@
     },
     {
       "name": "delete-policy-pdf",
-      "description": "Delete a policy PDF\n\nDelete a policy PDF in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows."
+      "description": "Delete a policy version PDF\n\nDeletes the PDF from a specific policy version. If no versionId is provided, deletes from the latest draft version. Cannot delete PDFs from published or pending-approval versions."
     },
     {
       "name": "request-policy-pdf-upload-url",
@@ -792,6 +792,38 @@
       "name": "get-finding-history",
       "description": "Get activity history for a finding\n\nGet activity history for a finding in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization."
     },
+    {
+      "name": "create-role",
+      "description": "Create a custom role\n\nCreate a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control."
+    },
+    {
+      "name": "list-roles",
+      "description": "List all roles\n\nList all roles in Comp AI. Create custom roles and resolve permission sets for organization-level access control."
+    },
+    {
+      "name": "get-permissions-for-roles",
+      "description": "Resolve permissions for custom roles\n\nReturns the merged permissions for the given custom role names. Used by the frontend to resolve effective permissions for users with custom roles."
+    },
+    {
+      "name": "get-built-in-obligations",
+      "description": "Get obligations for a built-in role\n\nReturns the effective obligations for a built-in role (owner, admin, auditor, employee, contractor) — DB override if present, else the hardcoded default."
+    },
+    {
+      "name": "update-built-in-obligations",
+      "description": "Update obligations for a built-in role\n\nOverride the obligations for a built-in role (e.g., turn off the compliance obligation for owners). Permissions stay sourced from the hardcoded defaults."
+    },
+    {
+      "name": "get-role",
+      "description": "Get a role by ID\n\nGet a role by ID in Comp AI. Create custom roles and resolve permission sets for organization-level access control."
+    },
+    {
+      "name": "update-role",
+      "description": "Update a custom role\n\nUpdate a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control."
+    },
+    {
+      "name": "delete-role",
+      "description": "Delete a custom role\n\nDelete a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control."
+    },
     {
       "name": "questionnaire-find-all",
       "description": "List security questionnaires\n\nList saved security questionnaires for an organization so teams can track customer reviews, answer status, and response history."
@@ -1070,15 +1102,15 @@
     },
     {
       "name": "mark-finding-as-exception",
-      "description": "Mark a finding as an exception so it no longer appears in the active Scan Results list\n\nMark a finding as an exception so it no longer appears in the active Scan Results list in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work."
+      "description": "Mark a finding as an exception so it no longer appears in the active Scan Results list\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner and the audit log description records the calling key/service name."
     },
     {
       "name": "update-aws-scan-mode",
-      "description": "Switch the AWS scan engine for a connection (Comp AI scanners ↔ Security Hub)\n\nSwitch the AWS scan engine for a connection (Comp AI scanners ↔ Security Hub) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work."
+      "description": "Switch the AWS scan engine for a connection (Comp AI scanners ↔ Security Hub)\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner."
     },
     {
       "name": "revoke-exception",
-      "description": "Revoke an exception, reopening the finding\n\nRevoke an exception, reopening the finding in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work."
+      "description": "Revoke an exception, reopening the finding\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner."
     },
     {
       "name": "get-history",
@@ -1160,30 +1192,6 @@
       "name": "get-task-item-activity",
       "description": "Get task item activity log\n\nGet task item activity log in Comp AI. Manage task items and attachments linked to operational entities such as risks and vendors."
     },
-    {
-      "name": "create-role",
-      "description": "Create a custom role\n\nCreate a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control."
-    },
-    {
-      "name": "list-roles",
-      "description": "List all roles\n\nList all roles in Comp AI. Create custom roles and resolve permission sets for organization-level access control."
-    },
-    {
-      "name": "get-permissions-for-roles",
-      "description": "Resolve permissions for custom roles\n\nReturns the merged permissions for the given custom role names. Used by the frontend to resolve effective permissions for users with custom roles."
-    },
-    {
-      "name": "get-role",
-      "description": "Get a role by ID\n\nGet a role by ID in Comp AI. Create custom roles and resolve permission sets for organization-level access control."
-    },
-    {
-      "name": "update-role",
-      "description": "Update a custom role\n\nUpdate a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control."
-    },
-    {
-      "name": "delete-role",
-      "description": "Delete a custom role\n\nDelete a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control."
-    },
     {
       "name": "get-completions",
       "description": "List training completions\n\nList security awareness and HIPAA training completion records for workforce compliance tracking and audit evidence."