Sandbox MCP
Understand organization MCP URLs, app MCP metadata, and internal sandbox control boundaries.
Sandbox MCP
OpenPond uses MCP in two different places. Keep them separate.
Organization MCP
Organization MCP URLs are customer-facing. They are scoped to one organization and protected by OAuth. Use them to let external clients discover and run supported OpenPond workflow tools for that organization.
App MCP from a template
A sandbox template can declare app MCP endpoint metadata in openpond.yaml. The app must serve its own MCP endpoint from the declared service and path. OpenPond uses the manifest metadata to route and scope the endpoint.
Internal sandbox control MCP
Internal sandbox control tools are not customer-facing app tools. They control sandbox lifecycle, files, PTY sessions, previews, billing, snapshots, and runner behavior. Those controls belong to OpenPond API, product UI, and trusted agent flows.
Rule of thumb
Use organization or app MCP for workflow capabilities. Use the sandbox UI or API for lifecycle and workspace control.