Cloudflare Worker implementation for the mcp.exmxc.ai executable intelligence node. The service is both:
- an agent-discoverable REST/JSON intelligence API, and
- a spec-compatible MCP JSON-RPC 2.0 server at
POST /mcp.
The code keeps the ES-module Worker entrypoint (export default { fetch(request, env) }) and stores no secrets in source.
- Entity:
exmxc - Domain:
https://exmxc.ai - Founder: Mike Ye
- Worker host:
https://mcp.exmxc.ai - Build version:
2.1.0 - Stable build date /
last_updated:2026-06-10
lib/registry.js is the single source of truth for entity metadata, build metadata, dataset registrations, callable data tools, content links, and federated registries.
Canonical MCP discovery is served from https://mcp.exmxc.ai/.well-known/mcp.json; the apex https://exmxc.ai/.well-known/mcp.json is intentionally not served because the apex is Webflow on a DNS-only record. The transport endpoint is https://mcp.exmxc.ai/mcp.
GET /— REST/MCP discovery documentGET /.well-known/mcp.json— MCP discovery pointerGET /capabilities.json— generated capability inventoryGET /.well-known/tool-registry.json— generated tool registryGET /.well-known/openapi.json— OpenAPI document withservers: [{ url: "https://mcp.exmxc.ai" }]GET /.well-known/manifest.json— generated manifestGET /.well-known/ai-plugin.json— plugin manifest pointing at the OpenAPI documentGET /health— operational health check; uptime is not asserted in the payload and is observed through Cloudflare observability
All JSON responses use shared CORS headers. OPTIONS returns 204 with Access-Control-Allow-Methods: GET, POST, OPTIONS and Access-Control-Allow-Headers: content-type, mcp-protocol-version.
POST /mcp accepts one JSON-RPC 2.0 request per HTTP request and returns an application/json response for synchronous tools. GET /mcp returns 405 with Allow: POST.
Supported methods:
initializenotifications/initializedpingtools/listtools/call
Example initialize request:
{
"jsonrpc": "2.0",
"id": 1,
"method": "initialize",
"params": { "protocolVersion": "2025-06-18" }
}Example tool call:
{
"jsonrpc": "2.0",
"id": 2,
"method": "tools/call",
"params": {
"name": "ex.speg.get",
"arguments": { "ticker": "NVDA" }
}
}tools/list, /capabilities.json, and /.well-known/tool-registry.json are generated from the same DATA_TOOLS registry so tool IDs and counts stay consistent.
Callable JSON tools from DATA_TOOLS:
ex.entities.getex.speg.getex.datasets.index.getex.ai_power_index.getex.four_forces.getex.entity_in_a_box.getex.ai_power.analysis.topex.eei.audit.run
Content links from CONTENT_LINKS:
ex.framework.get—https://exmxc.ai/frameworksex.signal.get—https://exmxc.ai/signal-briefsex.lexicon.get—https://exmxc.ai/lexiconex.capital.get—https://exmxc.ai/capitalex.doctrine.get—https://exmxc.ai/leadership-doctrineex.about.get—https://exmxc.ai/about-usex.audit.page—https://www.exmxc.ai/audit
Bundled datasets are imported directly into the Worker. Dataset updates require a Worker deploy.
GET /entities- Source:
data/entities.json - Filters:
industry,entity_type,posture,capability - Canonical entity-name field:
company
- Source:
GET /speg- Source:
data/speg_index.json - Filters:
sector,scarcity_layer,ticker
- Source:
GET /datasets- Generated dataset index
GET /datasets/ai_power_index- Source:
data/ai_power_index_dataset_v1.json
- Source:
GET /datasets/ai_power_index/schema- Source:
schema/ai_power_index.schema.json
- Source:
GET /datasets/four_forces- Source:
data/four_forces_dataset_v1.json
- Source:
GET /datasets/entity_in_a_box_v1- Source:
data/entity_in_a_box_v1.json
- Source:
GET /datasets/entity_in_a_box- Compatibility alias for
/datasets/entity_in_a_box_v1
- Compatibility alias for
GET /analysis/ai_power/top?limit=10- Top AI Power Index records sorted by
ai_power_index
- Top AI Power Index records sorted by
GET /audit/run?url=https://exmxc.ai- Live Entity Engineering Index audit for a public URL
GET /schema- Source:
schema/schema.json
- Source:
GET /definitions- Source:
schema/definitions.json
- Source:
GET /index- Source:
index.json, withtotal_entitiescomputed dynamically from the bundled entities length
- Source:
Entity record example using canonical company:
{
"company": "BlackRock",
"industry": "Financial",
"entity_type": "Public Company",
"posture": "Open",
"capability": "High",
"ecc": 86
}sPEG record example using the row-level date field:
{
"entity_id": "nvidia",
"company": "NVIDIA",
"ticker": "NVDA",
"sector": "AI Semiconductor",
"scarcity_layer": "Compute",
"date": "2026-02-13",
"price_usd": 182.78,
"speg": 0.63
}AI Power Index record shape:
{
"entity_name": "NVIDIA",
"compute_exposure": 10,
"interface_exposure": 9,
"alignment_exposure": 7,
"energy_exposure": 8,
"ai_power_index": 8.6
}GET /api/ai-jobs-signal remains an experimental ADS endpoint backed by Anthropic for synthetic posting generation. Benchmark and signal responses include:
data_provenance: "synthetic-llm-generated"disclaimer: "Postings are model-generated illustrations for ADS analysis, not scraped or verified labor-market data."
The ADS signal route requires an Anthropic Worker secret binding:
wrangler secret put ANTHROPIC_API_KEYDo not place ANTHROPIC_API_KEY in wrangler.jsonc, source files, or documentation beyond the binding name.
The active deployed Worker config is:
wrangler.jsonc— mainmcp.exmxc.ai/*Worker with observability enabled
The legacy workers/root-discovery/wrangler.jsonc remains in the repo for reference only. Its apex exmxc.ai/.well-known/* route is intentionally abandoned because the apex is Webflow on a DNS-only record and canonical discovery is served by mcp.exmxc.ai.
Deploys are automatic on every push to main through .github/workflows/deploy.yml; no manual wrangler deploy is required for normal releases. The workflow also supports workflow_dispatch for an explicit redeploy.
The deploy job deploys the canonical exmxc-workers Worker from wrangler.jsonc. The abandoned exmxc-root-discovery Worker is not deployed by CI because apex discovery is intentionally not served; canonical discovery lives on mcp.exmxc.ai.
After deployment completes, the verify live job waits for edge propagation and runs:
node scripts/live-acceptance.mjsThe live acceptance harness checks the production origins, including POST /mcp, canonical REST/MCP discovery on mcp.exmxc.ai, tool inventory consistency, dataset/schema endpoints, CORS, and health semantics. Apex discovery is probed for information only and never fails CI. The workflow fails if the canonical live result does not pass these checks.
One-time GitHub Actions secret setup is required in repo Settings → Secrets and variables → Actions:
CLOUDFLARE_API_TOKEN— scoped Cloudflare API token for deploying Workers and routesCLOUDFLARE_ACCOUNT_ID—aeb064fbc195ef8f54ebce0f51897a63
Do not commit the Cloudflare API token or any other secret value to source.
The registry/ directory contains a generated MCP registry submission packet for external discovery directories. Regenerate it whenever lib/registry.js changes:
node scripts/build-registry-packet.mjsThe generator imports the canonical entity, build, transport, and DATA_TOOLS definitions from lib/registry.js, then rewrites:
registry/packet.jsonregistry/server.jsonregistry/SUBMISSION.md
This keeps registry submission metadata aligned with the live MCP tool inventory.
worker.js Main Cloudflare Worker
lib/http.js Shared JSON/CORS response helpers
lib/registry.js Single source of truth for metadata, datasets, tools, links, federation
lib/queries.js Shared REST + MCP query implementations
lib/ads-classifier.js ADS classification helper
lib/ads-taxonomy.js ADS taxonomy definitions
data/*.json Bundled datasets
schema/schema.json Entity dataset schema with canonical company field
schema/definitions.json Semantic definitions
schema/ai_power_index.schema.json AI Power Index JSON Schema
index.json Static entity dataset index baseline
scripts/live-acceptance.mjs Live deploy acceptance harness
scripts/build-registry-packet.mjs Registry packet generator
registry/ Generated MCP registry submission packet
workers/root-discovery/worker.js Unused root .well-known MCP pointer Worker reference
exmxc exposes a REST/JSON intelligence API plus an MCP server using Streamable HTTP on Cloudflare Workers. Tool and resource inventories are generated from lib/registry.js; public REST aliases and bundled dataset payloads are preserved.
GET /api/ai-jobs-signal without signal parameters returns the deterministic public benchmark. Paid signal generation uses POST /api/ai-jobs-signal and requires Authorization: Bearer <ADS_SIGNAL_KEY>. The Cloudflare deployment should add a rate rule on this path as defense in depth.
/audit/run and the ex.eei.audit.run tool remain public but validate targets before contacting the upstream audit service. The upstream service at exmxc-audit.vercel.app must independently enforce DNS-resolution and redirect checks against private, loopback, link-local, and reserved ranges; that external security dependency is not satisfied by this repository alone. Conservative Cloudflare rate limiting should be applied to /audit/run and audit calls arriving via /mcp as deployment configuration.
Successful tool calls keep content[0].text as the JSON serialization of the complete handler result. structuredContent is only emitted for protocol-valid object results; top-level array results remain text-only to avoid introducing an unapproved wrapper.