Your studio, augmented
Studio Manager handles the conversational ops; four specialist agents handle the cross-cutting work; the MCP server lets external AI clients read your venue's data with the same scope enforcement.
Read / write / analytics / vision / partner / client / public / onboarding / migration surfaces
Operations · Marketing · Financial · Retention
External Claude / GPT / custom agents read venue data via /api/mcp
Studio Manager
The single AI surface across every admin page. Ask in plain language — “What’s our bounce rate?”, “How much did we spend on SMS?”, “Schedule maintenance for room 2”, “Find duplicate clients”. Studio Manager has typed access to 188+ tools across the platform and respects every permission gate the venue admin uses by hand.
- Per-venue capability awareness — only suggests features the venue can actually use
- Permission level (1–5) per tool; level 4–5 actions confirm before mutating
- Migration Companion thread persists across the cutover boundary
- Tool audit log — every call recorded with prompt-injection flags, latency, outcome
Specialist agents
Operations
Front-of-house huddle generator, staff scheduling, equipment + maintenance, room conflicts, walk-in queue.
Marketing
Campaign planning, sequence drafting, segment building, churn-risk scoring, re-engagement triggers.
Financial
Revenue recognition, deferred-revenue waterfall, accountant exports, reconciliation, tax-period close.
Retention
Lifecycle stage classification, win-back triggers, lifetime-value cohorts, partner-network referrals.
Agent types are DB-driven — venue admins can extend with custom agents.
MCP server
Booking Bible exposes itself as a Model Context Protocol server at POST /api/mcp so Claude Desktop, custom GPTs, and in-house agents can read venue data conversationally with API-key auth + scope enforcement. 8 resources + 6 tools today; writes intentionally out of scope (read-only v1).
AI safety
Three guards keep AI calls bounded — prompt-injection regex on every tool input, row-cap enforcement per tool, scope-required gating per MCP tool. Every tool call lands in ai_tool_audit_log for the Art. 22 evidence trail.
- Prompt-injection guard — flags suspicious args + hides sensitive matches in audit
- Row caps per tool — DEFAULT_ROW_CAP=100, narrower per high-cardinality reads
- Scope assertion per MCP tool — JSON-RPC -32601 on permission miss (no leak)
- AI_NEGATIVE_BEHAVIOURS contract — system prompt + public AI agent contract stay aligned
Want to see Studio Manager live?
Try the sandbox demo — no signup, sample data, ask anything.