MCP server
A Cloudflare Worker that speaks the Model Context Protocol over JSON-RPC. Lets Claude Desktop, Cursor, Zed, and other MCP-capable clients reach Ultron's skill catalog, discovery feeds, and competitor signals as native tools. Public read-only tier; an authenticated tier covers write actions like clone-website and run-skill.
Overview
- Worker name
ultron-mcp- Source
cf-workers/ultron-mcp/src/index.ts- Public endpoint
https://mcp.51ultron.com/mcp- Server card
/.well-known/mcp/server-card.json- Protocol
- Model Context Protocol 2024-11-05
- Transport
- Streamable HTTP (JSON-RPC over POST)
- Tools exposed
- 8 read-only tools
- Resources
- 5 URI templates plus 3 static
- Prompts
- 15 slash-command templates
- Auth tier
- Public; OAuth tier reserved for write actions
- Rate limit
- 60 requests per minute per IP
The MCP server is a thin proxy over Ultron's existing public surfaces. Every tool maps to one or more routes under app.51ultron.com/api or /.well-known. The worker normalises the JSON-RPC envelope, validates the input shape, applies rate limits, and returns a JSON response.
We deliberately keep the surface narrow. Read-only public tools first, so the public tier carries no abuse risk and no per-call cost. Write actions like cloning a website or running a paid skill are gated behind the OAuth tier that ships next.
Connect a client
Any MCP-aware client points at the server URL and discovers tools automatically. Three common cases below.
Claude Desktop
Edit ~/Library/Application Support/Claude/claude_desktop_config.json (mac) or the Windows equivalent. Add an entry under mcpServers:
Restart Claude Desktop. The skill catalog, discovery feeds, and competitor threats appear in the tool picker.
Cursor
Open Settings, search for MCP, click Add server, paste the URL.
Direct JSON-RPC
For your own client or quick testing, POST a JSON-RPC envelope:
Tools
Eight read-only tools cover the bulk of useful Ultron queries.
| Tool | What it does | Upstream route |
|---|---|---|
| search_skills | Search the catalog by query, agent, or category. | /.well-known/agent-skills/index.json |
| get_skill | Full markdown for one skill (description, examples, inputs, outputs). | /docs/skills/{id}/llm.txt |
| list_agents | The seven named personas and their slash commands. | static |
| discovery_feed | Ranked items from one discovery vertical (trends, repos, launches, etc). | /api/discovery/feed |
| trending_repos | GitHub trending, daily or weekly or monthly. | /api/discovery/trending-repos |
| library_search | Search the curated content library (hooks, formats, playbooks). | /api/library/feed |
| competitor_threats | Ranked threats from the AEO watcher worker. | /api/watcher/threats |
| daily_tip | One-sentence operator-playbook tip, refreshed daily. | /api/discovery/tip |
Resources
URI-addressable content. MCP clients can fetch a resource as context for the user's conversation.
| URI template | Content type | What it returns |
|---|---|---|
ultron://skill/{id} | text/markdown | Full skill markdown. |
ultron://agent/{id} | application/json | Agent persona with assigned skills. |
ultron://feed/{category} | application/json | Latest discovery feed snapshot. |
ultron://tip/today | application/json | Daily operator tip. |
ultron://docs/{slug} | text/markdown | Selected docs pages (skills-catalog, architecture). |
Prompts
Pre-built prompt templates derived from the slash-command catalog. Clients render these in their prompt picker.
Fifteen prompts cover the seven personas. Each takes a single argument (company, prospect, references, etc) and expands into the canonical slash-command form. Examples:
| Prompt | Argument | Maps to |
|---|---|---|
| cortex_competitor_deep_dive | company | /cortex Run a deep competitive analysis on {company}. |
| specter_cold_outreach | target_company | /specter Research and outreach for {target_company}. |
| sentinel_clone_website | url | /sentinel Clone a website end to end. URL: {url} |
| pulse_content_pulse | references | /pulse Run content-pulse using these refs: {references} |
| counsel_contract_review | contract_text | /legal Review this contract: {contract_text} |
prompts/list.Auth tiers
The public tier ships now. Auth tier follows once OAuth signup flow is wired.
| Tier | Auth | What it covers |
|---|---|---|
| Public | None | All eight tools listed above. All resources. All prompts. |
| Authenticated | OAuth via /.well-known/openid-configuration | Run a skill, start a chat session, fetch user missions, read the user's BCP. |
| Premium | OAuth plus active subscription | Clone a website, generate a carousel, run shell commands. |
Transport and rate limits
Transport is streamable HTTP per the current MCP spec. The legacy SSE endpoint returns 405 with a hint; older clients fall back gracefully. JSON-RPC batch requests are supported.
Rate limit is sixty requests per minute per source IP, enforced at the Cloudflare Worker layer. initialize, list calls, and the health probe bypass the limiter so client startup never trips it.