- app id, name, description, publisher, category, and distribution target
- surfaces and capabilities
- safety badges
- tool permission mode
- warnings
- review stage, install status, next gate, and blockers
- execute external app code
- register a collection entry
- prove publisher identity
- store review evidence
- sign the artifact
- make the package installable
preview-only when a showcase or sandbox preview exists but
install is not allowed. Use review-gated after validation when signing,
publisher verification, or stored review evidence is still missing.