External MCP Server v1 — Product.ai's commerce-knowledge query endpoints exposed for AI agents

Design and ship Product.ai's external-facing MCP server v1 — the surface AI agents (Claude, ChatGPT, Gemini agents, custom agents) call to query verified commerce knowledge. OAuth 2.1 authentication, audit logging, gateway-mediated authorization, vendor-official-server discipline (Stripe / GitHub / Sentry / Slack-class production-grade), 9-point reliability rubric satisfied, security architected defensively per the MCP Dev Summit 2026 vulnerability disclosures.

Project Overview

  • Discipline: software-engineer-backend · AI Systems — AI Engineer · ai-systems-engineer
  • Duration: 3 weeks
  • Compensation: Your stated freelance rate
  • Surface: Agent commerce · Product.ai · Truth Graph
  • Kernels: agent-commerce · productai · truth-graph
  • Outcomes: dev-integrate · agent-infra · truth-graph-depth
  • Tier: Consequential
  • Alpha Team: Open to alpha members who want to take this on
  • Tooling: Claude Code or Co-work

Why we want this done

The agent-commerce kernel is unambiguous: protocol commerce will dominate. Protocol commerce is 10-100x cheaper than browser automation and 99% reliable vs. 60-70%, and browser automation is structurally selected against by merchant WAFs and Cloudflare default-block policies. Product.ai's "embedded in the AI fabric" thesis depends on AI agents calling our verified commerce knowledge from their reasoning loops. Today we have internal MCP infrastructure (Cortex MCP, SimplyCodes MCP, Product.ai MCP) but no external-facing MCP server with the production discipline external agents require: OAuth, audit logging, gateway-mediated authorization, and defensive architecture against DNS rebinding. Jonathan Leitschuh's MCP Dev Summit 2026 demonstration successfully compromised the official MCP Inspector, Google Cloud Run, Docker MCP gateway, and AWS Labs server. The candidate ships the production-grade external MCP that earns the right to be called by Claude, ChatGPT, and Gemini agents. This is the highest-leverage backend project in the library.

Scope

  1. Read the agent-commerce kernel and truth-graph kernel end-to-end — physics is non-optional
  2. Scope the v1 endpoint set — three to five commerce-knowledge query primitives (verdict-by-product-id, evidence-trace, merchant-truth-claim, deal-validity, etc.) — argue for these against rejected alternatives
  3. OAuth 2.1 implementation with refresh-token rotation
  4. Gateway-mediated authorization layer (Cloudflare AI Gateway or Zuplo)
  5. Audit logging — every call captured with caller identity, query, response summary, latency
  6. Security architecture — defensive against DNS rebinding, JSON injection, prompt injection at the tool-description layer
  7. 9-point reliability rubric satisfied (the candidate documents which points and how)
  8. Production deploy with rate limits, error budgets, and a public status page
  9. Developer-facing handoff — one-page integration guide an external developer can install from

What success looks like

  • The external MCP server is live in production behind OAuth 2.1
  • At least one external agent (Claude Code, ChatGPT custom GPT, or a partner integration) successfully calls it during the trial
  • Audit log captures every call with structured context
  • Status page shows uptime, error rate, latency
  • Security architecture passes a paranoid review by Phil/Bri/whoever owns infrastructure
  • The integration guide is one page; an external developer reading it can install the integration without re-asking
  • Reliability rubric documentation explicitly addresses each of the 9 points

References

references.md
Backend Engineering Phase 3 briefing axiom VERDICT 9 (External-Facing MCP Server First), Shift 4 (MCP Universal Protocol Adoption + Production-Scale Substrate Architecturally Unsolved)
Agent-commerce kernel — A-1 Protocol Economics, Cascade Architecture, Commerce/Truth/Preference graph composition
Truth-graph kernel — verdict primitives, evidence chain
Anthropic MCP specification (April 2026)
Cloudflare AI Gateway documentation
Jonathan Leitschuh, MCP Dev Summit 2026 — DNS rebinding demonstration
Apigene April 2026 analysis of 2,181 MCP endpoints (52% dead, 9% fully healthy)
Existing internal Product.ai MCP servers as architectural reference

Constraints

  • Claude Code as primary substrate
  • OAuth 2.1 with refresh-token rotation — not OAuth 2.0
  • Gateway-mediated authorization is mandatory — no direct unmediated MCP exposure
  • Self-hostable eval substrate for any production-trace harness (Phoenix or Langfuse, not LangSmith)
  • Schema parity with internal MCP servers where the same primitive exists (no fragmentation across internal/external)
  • IP separation: external-facing only; methodology paths stay internal
  • Security review is a deliverable gate — the server does not ship to production until it passes
  • 3-week duration cap — if scope creeps, the candidate negotiates the trade-off explicitly

Apply

  1. Read the Codex (10 min). The operating principles we work by. If they resonate, the rest of this will land.
  2. 12-minute video screen. Hireflix, async. Questions are calibrated to this project specifically.
  3. Chemistry call (30-60 min). Direct call with the CEO. Strategic alignment and mutual fit. No problem-solving exercise.
  4. Project begins within 2-3 weeks. 1099 contractor agreement, NDA, paid at your stated rate. Day 1 in Santa Monica.

Alpha Team members can take this project without the screen-and-call sequence. Reach out via the Alpha Team channel.