Textree is no longer just a skeleton repo, but it is still an alpha with deliberate constraints.

What is in:

• operator-managed API keys
• workspace and campaign suppression enforcement
• spend-limit gating and ledger-backed authorization
• verified messaging and funding provider webhooks
• MCP execution scopes, quotas, timeouts, and audit records

What is still intentionally narrow:

• API key lifecycle is managed in the authenticated app, not the public API
• the message API focuses on queue and status, not full admin CRUD
• the MCP registry is configured server-side
• funding is optional and remains inside the Peer boundary

That tradeoff is deliberate. Textree is prioritizing safe execution surfaces before broadening the product contract.