Update links and fix lint errors

Author: samkim

pages/mcp/authzed/authzed-mcp-server.mdx

@@ -1,10 +1,12 @@
 # AuthZed MCP Server
 
-Connect your AI tools to AuthZed and SpiceDB documentation using the Model Context Protocol (MCP). Access comprehensive documentation, API references, and authorization pattern examples directly from your AI assistant.
+Connect your AI tools to AuthZed and SpiceDB documentation using the Model Context Protocol (MCP).
+Access comprehensive documentation, API references, and authorization pattern examples directly from your AI assistant.
 
 ## Overview
 
-AuthZed MCP Server is a remote MCP server available at `https://mcp.authzed.com`. It provides tools with searchable access to SpiceDB and AuthZed resources, enabling you to learn about authorization systems, explore APIs, and find implementation examples without leaving your LLM chat or development environment.
+AuthZed MCP Server is a remote MCP server available at `https://mcp.authzed.com`.
+It provides tools with searchable access to SpiceDB and AuthZed resources, enabling you to learn about authorization systems, explore APIs, and find implementation examples without leaving your LLM chat or development environment.
 
 ### What You Can Do
 
@@ -33,6 +35,7 @@ Available on Pro and Plus accounts.
 
 1. Enable **Developer mode** in Settings
 2. Create connector:
+
 - **Name**: AuthZed
 - **MCP server URL**: `https://mcp.authzed.com`
 - **Authentication**: None
@@ -53,6 +56,7 @@ Available on Pro, Max, Team, and Enterprise plans.
 1. Open **Settings** → **Connectors**
 2. Select **Add custom connector**
 3. Configure:
+
 - **Name**: AuthZed
 - **URL**: `https://mcp.authzed.com`
 
@@ -75,6 +79,7 @@ Add to `.cursor/mcp.json`:
 1. Command Palette → **MCP: Add Server**
 2. Select **HTTP**
 3. Configure:
+
 - **URL**: `https://mcp.authzed.com`
 - **Name**: AuthZed
 
@@ -164,9 +169,11 @@ The assistant uses `send_feedback` to guide you through submitting structured fe
 
 **`system_instructions`** - View the system instructions for the AuthZed MCP server, including how it works and how to use it effectively.
 
-**`explain_concept`** - Ask questions about SpiceDB concepts, AuthZed features, schema design, API usage, best practices, or troubleshooting. Returns authoritative answers with documentation references and examples.
+**`explain_concept`** - Ask questions about SpiceDB concepts, AuthZed features, schema design, API usage, best practices, or troubleshooting.
+Returns authoritative answers with documentation references and examples.
 
-**`send_feedback`** - Provide feedback about the AuthZed MCP server, documentation, tools, or your general experience. The prompt guides you through submitting structured feedback.
+**`send_feedback`** - Provide feedback about the AuthZed MCP server, documentation, tools, or your general experience.
+The prompt guides you through submitting structured feedback.
 
 ## Available Resources
 
@@ -180,11 +187,13 @@ The assistant uses `send_feedback` to guide you through submitting structured fe
 ### Public Information Only
 
 The server provides access to:
+
 - Public SpiceDB and AuthZed documentation
 - Publicly available API specifications
 - Open source schema examples
 
 The server does **not** access:
+
 - Your AuthZed or SpiceDB instances
 - Your authorization data
 - Your application schemas
@@ -193,6 +202,7 @@ The server does **not** access:
 ### Verify the Endpoint
 
 Always confirm you're connecting to:
+
 ```
 https://mcp.authzed.com
 ```

pages/mcp/authzed/spicedb-dev-mcp-server.mdx

@@ -6,13 +6,16 @@ import { Callout } from 'nextra/components'
   The SpiceDB Dev MCP server is available as a Tech Preview. Tech Preview features provide the earliest access to upcoming product innovations, enabling you to test functionality and provide feedback during the development process.
 </Callout>
 
-Run a local SpiceDB development environment directly in your AI coding assistant. Build, test, and debug permissions systems interactively with an in-memory SpiceDB instance.
+Run a local SpiceDB development environment directly in your AI coding assistant.
+Build, test, and debug permissions systems interactively with an in-memory SpiceDB instance.
 
 ## Overview
 
-SpiceDB Dev MCP Server is a local development tool that runs an in-memory SpiceDB instance accessible through MCP. It's designed for developers actively building permissions systems who want to iterate quickly on schemas and test permission logic with AI assistance.
+SpiceDB Dev MCP Server is a local development tool that runs an in-memory SpiceDB instance accessible through MCP.
+It's designed for developers actively building permissions systems who want to iterate quickly on schemas and test permission logic with AI assistance.
 
 **Key characteristics**:
+
 - Runs locally on your machine
 - In-memory only (no persistence)
 - No external dependencies
@@ -37,7 +40,8 @@ zed mcp run
 
 The server starts on `http://localhost:9999/mcp` with an empty in-memory SpiceDB instance.
 
-**Important**: The server runs in-memory only. All schemas and relationships are lost when you stop the server.
+**Important**: The server runs in-memory only.
+All schemas and relationships are lost when you stop the server.
 
 ## Connecting Clients
 
@@ -58,6 +62,7 @@ claude
 ### Other Clients
 
 For MCP clients supporting HTTP transport, configure:
+
 ```
 Transport: HTTP
 URL: http://localhost:9999/mcp
@@ -69,7 +74,9 @@ URL: http://localhost:9999/mcp
 
 Start by defining your authorization model:
 
-> You: "Create a schema for a document sharing system. Documents have owners, editors, and viewers. Owners can share documents, editors can edit, and viewers can only read."
+> You: "Create a schema for a document sharing system.
+> Documents have owners, editors, and viewers.
+> Owners can share documents, editors can edit, and viewers can only read."
 
 The assistant uses `write_schema` to create the schema in your development instance.
 
@@ -150,6 +157,7 @@ The assistant updates the schema with `write_schema` and you can immediately tes
 ### Testing Edge Cases
 
 Use the development server to test:
+
 - Indirect permissions through [subject relations](/spicedb/concepts/schema#subject-relations)
 - Complex permission unions and intersections
 - Caveat evaluation with different contexts
@@ -158,6 +166,7 @@ Use the development server to test:
 ### Validation Files
 
 Use validation files to:
+
 - Define expected permission outcomes
 - Test your schema systematically
 - Document authorization requirements
@@ -169,32 +178,32 @@ Access with `validation://current` resource.
 
 The MCP server works with your AI assistant to help you save schemas and validation files to disk.
 
-**Exporting Schemas**
+#### Exporting Schemas
 
 Ask your assistant to save the current schema to a file:
 
 > You: "Save my schema to schema.zed"
-
+>
 > You: "Write the current schema to permissions/document-sharing.zed"
 
 The assistant reads from `schema://current` and writes the schema to your specified file path.
 
-**Exporting Validation Files**
+#### Exporting Validation Files
 
 Save validation test cases to preserve your permission tests:
 
 > You: "Save the validation file to tests/permissions.yaml"
-
+>
 > You: "Export validation to document-tests.yaml"
 
 The assistant reads from `validation://current` and writes the validation YAML to your specified file.
 
-**Loading Existing Files**
+#### Loading Existing Files
 
 You can also load schemas from existing files:
 
 > You: "Load the schema from schema.zed and apply it to the dev server"
-
+>
 > You: "Read permissions/document-sharing.zed and write it to the MCP server"
 
 The assistant reads your file and uses `write_schema` to apply it to the development instance.
@@ -204,6 +213,7 @@ The assistant reads your file and uses `write_schema` to apply it to the develop
 ### Local Development Only
 
 **Never use in production**:
+
 - No authentication or authorization on the server itself
 - In-memory only, no data persistence
 - Designed for localhost access only
@@ -233,11 +243,13 @@ The assistant reads your file and uses `write_schema` to apply it to the develop
 ### Server Won't Start
 
 **Check Zed CLI installation**:
+
 ```bash
 zed version
 ```
 
 **Port 9999 in use**:
+
 ```bash
 # macOS/Linux
 lsof -i :9999
@@ -257,7 +269,7 @@ netstat -an | findstr 9999
 
 ### Schema Errors
 
-**Syntax errors**: Review against [SpiceDB schema documentation](#)
+**Syntax errors**: Review against [SpiceDB schema documentation](/spicedb/modeling/developing-a-schema)
 
 **Undefined types**: Ensure all referenced types are defined in the schema
 
@@ -266,6 +278,7 @@ netstat -an | findstr 9999
 ### Unexpected Permission Results
 
 **Debug process**:
+
 1. View current schema: `schema://current`
 2. List all relationships: `relationships://all`
 3. Check indirect permission paths
@@ -274,9 +287,11 @@ netstat -an | findstr 9999
 
 ### Data Loss
 
-**Remember**: The server is in-memory only. All data is lost when stopped.
+**Remember**: The server is in-memory only.
+All data is lost when stopped.
 
 **To preserve work**:
+
 - Save schemas to files regularly
 - Export relationships for test cases
 - Use validation files to document expected behavior
@@ -290,17 +305,18 @@ When ready to move beyond development:
    - Ask your assistant: "Save my schema to schema.zed"
 2. **Document permissions**: Create comprehensive validation files
    - Ask your assistant: "Save validation to tests/permissions.yaml"
-3. **Deploy SpiceDB**: See [SpiceDB deployment guide](#)
-4. **Connect your application**: Use [SpiceDB client libraries](#)
+3. **Deploy SpiceDB**: See [Deploying with SpiceDB Operator](/spicedb/ops/deploying-spicedb-operator)
+4. **Connect your application**: Use [SpiceDB client libraries](/spicedb/getting-started/client-libraries)
 5. **Import relationships**: Migrate test relationships if appropriate
 6. **Test thoroughly**: Validate in staging before production
 
-The development server is not suitable for production use. Deploy a proper SpiceDB instance with authentication, persistence, and monitoring.
+The development server is not suitable for production use.
+Deploy a proper SpiceDB instance with authentication, persistence, and monitoring.
 
 ## Resources
 
-- [SpiceDB Documentation](#)
-- [Schema Language Reference](#)
-- [Zed CLI Documentation](#)
-- [SpiceDB Client Libraries](#)
-- [Validation Testing Guide](#)
+- [SpiceDB Documentation](/spicedb/getting-started/discovering-spicedb)
+- [Schema Language Reference](/spicedb/modeling/developing-a-schema)
+- [Zed CLI Documentation](/spicedb/getting-started/installing-zed)
+- [SpiceDB Client Libraries](/spicedb/getting-started/client-libraries)
+- [Validation Testing Guide](/spicedb/modeling/validation-testing-debugging)

pages/mcp/index.mdx

@@ -2,7 +2,8 @@
 
 ## Overview
 
-Model Context Protocol (MCP) is an open standard that enables large language models (LLMs) to communicate with external tools and data sources. Often referred to as "USB-C for AI", MCP provides a universal interface that allows AI applications to integrate once and interoperate with any MCP-compatible system.
+Model Context Protocol (MCP) is an open standard that enables large language models (LLMs) to communicate with external tools and data sources.
+Often referred to as "USB-C for AI", MCP provides a universal interface that allows AI applications to integrate once and interoperate with any MCP-compatible system.
 
 By standardizing how AI tools access external data and functionality, MCP eliminates the need for custom integrations between every AI application and every external service.
 
@@ -22,35 +23,41 @@ LLMs face fundamental limitations when providing contextually relevant responses
 
 ### How MCP Works
 
-The MCP specification standardizes how AI tools interact with data sources and functionality. Instead of building separate integrations for each AI application and external service, developers implement MCP once and gain compatibility across the entire ecosystem.
+The MCP specification standardizes how AI tools interact with data sources and functionality.
+Instead of building separate integrations for each AI application and external service, developers implement MCP once and gain compatibility across the entire ecosystem.
 
 MCP uses a client-server architecture:
 
 - **MCP Host**: The AI application that users interact with (IDEs like Cursor or Windsurf, chat applications like ChatGPT or Claude, AI agents)
 - **MCP Client**: The connection component within the host that communicates with external services
 - **MCP Server**: The external service being accessed (databases, APIs, cloud services)
 
-Each MCP host must create and manage separate MCP client connections for each MCP server it communicates with. This architecture enables AI applications to access multiple data sources and tools simultaneously while maintaining clear separation between services.
+Each MCP host must create and manage separate MCP client connections for each MCP server it communicates with.
+This architecture enables AI applications to access multiple data sources and tools simultaneously while maintaining clear separation between services.
 
 ## Core Capabilities
 
 MCP provides three primitives for extending LLM functionality:
 
 ### Resources
 
-Resources inject information into the AI's context. This includes configuration data, documentation, company policies, product catalogs, or customer information. Resources enable AI models to work with accurate, current data without manual intervention.
+Resources inject information into the AI's context.
+This includes configuration data, documentation, company policies, product catalogs, or customer information.
+Resources enable AI models to work with accurate, current data without manual intervention.
 
 **Example use case**: When drafting a customer email, automatically provide the customer's order history, support ticket details, and account preferences so the AI can write personalized, contextually accurate responses.
 
 ### Tools
 
-Tools enable AI models to trigger actions on behalf of users based on goals and information in the context. They allow AI to interact with external systems, automating tasks that would otherwise require manual execution across multiple applications.
+Tools enable AI models to trigger actions on behalf of users based on goals and information in the context.
+They allow AI to interact with external systems, automating tasks that would otherwise require manual execution across multiple applications.
 
 **Example use case**: Create a new project in your task management system, assign team members, set deadlines, and generate initial task lists—all from a single conversation with the AI, without switching between applications.
 
 ### Prompts
 
-Prompts provide tested, reusable instructions that guide AI behavior consistently. Instead of users needing to craft precise instructions each time, MCP servers can supply pre-configured prompts that have been refined for specific tasks or contexts.
+Prompts provide tested, reusable instructions that guide AI behavior consistently.
+Instead of users needing to craft precise instructions each time, MCP servers can supply pre-configured prompts that have been refined for specific tasks or contexts.
 
 **Example use case**: When analyzing customer feedback, use a standardized prompt that ensures the AI always considers sentiment, key themes, and actionable insights in a consistent format across your team.
 
@@ -64,19 +71,25 @@ The MCP specification has evolved rapidly since its introduction, with three maj
 - **2025-03-26**: Enhanced security features
 - **2025-06-18**: Enterprise readiness improvements
 
-The most recent versions have focused heavily on security and enterprise readiness, introducing mechanisms to authenticate users and clients while providing recommendations for authorizing resource access. The ability to implement granular access controls for resources is especially critical for enterprises integrating sensitive company and user data with MCP servers.
+The most recent versions have focused heavily on security and enterprise readiness, introducing mechanisms to authenticate users and clients while providing recommendations for authorizing resource access.
+The ability to implement granular access controls for resources is especially critical for enterprises integrating sensitive company and user data with MCP servers.
 
 ### Deployment Considerations
 
 MCP servers can be deployed in two primary configurations, each with distinct authorization requirements:
 
 #### Local MCP Servers
 
-Local servers run as single instances on individual machines. These servers are assumed to be under the custodian of the user running them. Most MCP clients provide functionality that prompts users to approve tool invocations and resource access before execution. While this provides a basic security layer, it relies on user vigilance and awareness.
+Local servers run as single instances on individual machines.
+These servers are assumed to be under the custodian of the user running them.
+Most MCP clients provide functionality that prompts users to approve tool invocations and resource access before execution.
+While this provides a basic security layer, it relies on user vigilance and awareness.
 
 #### Remote MCP Servers
 
-Remote servers are hosted and accessed in multi-tenant environments, serving multiple users and organizations. These deployments require robust authentication and access control mechanisms for MCP resources. The MCP specification provides high-level guidance for authorization, but implementation details—including specific permission models and accurate enforcement—are the responsibility of MCP server developers.
+Remote servers are hosted and accessed in multi-tenant environments, serving multiple users and organizations.
+These deployments require robust authentication and access control mechanisms for MCP resources.
+The MCP specification provides high-level guidance for authorization, but implementation details—including specific permission models and accurate enforcement—are the responsibility of MCP server developers.
 
 ### Security Risks: The Lethal Trifecta
 
@@ -86,7 +99,9 @@ Security researcher Simon Willison identified a [dangerous combination of capabi
 2. **Exposure to untrusted content**: Any mechanism by which text or images controlled by a malicious attacker could become available to your LLM
 3. **The ability to externally communicate**: Methods that could be used to exfiltrate your data
 
-Implementing robust authorization in your MCP server can mitigate these risks within your service. However, once data from your MCP server is sent to the MCP host application and becomes part of the context, you lose control over access to that data. AI applications often have multiple MCP servers enabled simultaneously, and you cannot enforce permissions for actions taken on your data within other servers or the host application itself.
+Implementing robust authorization in your MCP server can mitigate these risks within your service.
+However, once data from your MCP server is sent to the MCP host application and becomes part of the context, you lose control over access to that data.
+AI applications often have multiple MCP servers enabled simultaneously, and you cannot enforce permissions for actions taken on your data within other servers or the host application itself.
 
 ### Best Practices