GitHub delivery evidence
Build and verify the change with supported GitHub context.
Import or sync OpenAPI documents, watch your API surface change over time, and run real requests with per-environment secrets, all through a proxy hardened against SSRF.
openapi.yaml · endpoints
One connected loop, held on the stage this capability serves. The other stages stay as context so you can see what feeds in and what comes next.
Build and verify the change.
Build and verify the change with supported GitHub context.
Inspect delivery workflow activity in the connected release workspace.
Investigate test outcomes and flakiness evidence across runs.
Keep supported API contracts inspectable alongside release evidence.
Compare public cloud compute pricing as planning evidence.
Import from a URL, an upload, or a connected GitHub repo; git specs auto-sync and every change becomes a numbered, immutable revision.
Source
url · upload · git
Validate
parse and check the contract
Revision
rev 14 · 42 endpoints
Drift
git specs polled for changes
Named environments scope to org, team, or a single spec, with typed string, url, and secret variables that are encrypted at rest.
The server-side proxy blocks internal targets, checks the resolved IP against DNS rebinding, and is permission-gated and audited.
Build request
method, headers, template
SSRF guard
resolve and check the target IP
Execute
manual redirects, hard timeout
Response
status, headers, duration
Someone in customer success needs to know if there’s an endpoint for bulk refunds. Today that means pinging an engineer, who then digs up the docs, or worse, turns on a tool and walks them through it. The answer exists. Getting to it costs two people an afternoon.
MCP Explorer exposes your tracked specs as a Model Context Protocol server, so a teammate’s AI assistant can search the surface, read the schema, and draft the call. Share a spec with a link and they can explore it directly. Every request still runs through the same permissioned, SSRF-hardened proxy, so self-serve never means unsafe.
Old way · waits on a dev
“Which call handles refunds? Can you enable the docs for me?”
With lube · self-serve
Asks the MCP Explorer, finds the endpoint, runs it in the sandbox.
Search the surface
Ask in plain language; the MCP server returns matching endpoints and schemas.
Share a spec link
Hand a colleague a link instead of a screenshot of the docs.
Run it safely
Calls still pass permissions and the SSRF-safe proxy, and land in the audit log.
Import sources, sync triggers, variable types, and per-revision stats are all first-class, so the contract stays honest over time.
Spec sources
Three ways in.
Sync triggers
How a re-check fires.
Variable types
With scopes.
Methods tracked
Counted per revision.
Spec stats
Health over time.
Proxy limits
Safety by default.
Honest scope
API Explorer is an OpenAPI and REST workbench. Git-sourced specs are GitHub-only, there is no GraphQL or gRPC model, and execute is a single request and response, so there are no multi-step runners or pre-request scripting.
Bring supported OpenAPI documents into the loop.