{
  "resource": "https://cypherlab.ai",
  "authorization_servers": ["https://cypherlab.ai/.well-known/oauth-authorization-server"],
  "scopes_supported": [],
  "bearer_methods_supported": [],
  "resource_name": "Cypher Lab",
  "resource_documentation": "https://cypherlab.ai/llms.txt",
  "agent_auth_documentation": "https://cypherlab.ai/auth.md",
  "_note": "Stub. The cypherlab.ai marketing site has NO OAuth-protected APIs and no required credentials (anonymous public read). authorization_servers points to the matching authorization-server stub, completing the RFC 9728 / RFC 8414 discovery chain. scopes_supported and bearer_methods_supported are intentionally EMPTY: this marketing origin accepts no OAuth tokens and enforces no scopes or bearer methods. (isitagentready's authMd 'Validate Protected Resource Metadata' sub-step wants these populated, but doing so would falsely assert a token-protected posture; we keep them honestly empty. See #5257.) The separate authenticated App Hub at apps.cypherlab.ai is Clerk-protected and has its own discovery metadata. See /auth.md for full agent auth posture."
}