{"service":"desa","purpose":"Public-safe static encoded-script analysis, PowerShell deobfuscation, IOC extraction, and detection-rule explanation.","publicSafe":true,"staticOnly":true,"executionDisabled":true,"agentPolicy":{"allowed":["read discovery","analyze provided script text statically","decode provided text","extract IOCs","list rules","export caller-owned analysis results"],"disallowed":["execute scripts","invoke PowerShell","fetch embedded payload URLs","submit samples to external services without protected configuration"],"futureProtected":["bulk analysis","private persistence","sync jobs","rule mutation","report generation","administrative actions"]},"mcp":"https://desa.platphormnews.com/api/mcp","tools":["analyze_script","decode_powershell","extract_iocs","list_rules","get_rule","list_samples","get_sample","export_analysis","send_to_json_tree","send_to_ascii","send_to_xml","get_health","get_info","get_route_compliance","get_discovery_compliance","create_docs_report","create_sheet_report","create_deck_summary"],"trustPolicy":"Public-safe static encoded-script analysis, PowerShell decoding, IOC extraction, detection-rule browsing, local non-sensitive analysis history, read-only MCP introspection, RSS/feed consumption, trusted-domain discovery, standard route compliance, Vercel metadata capture, backend model scaffolding, and trace-linked DESA operations are intentionally supported for public defensive use. DESA does not execute submitted scripts. PLATPHORM_API_KEY support is scaffolded for future protected backend services, private analysis persistence, bulk analysis, sync, test-triggering, reporting, administrative actions, and sensitive operations."}