v0.2 · 13-server corpus · evidence-backed

MCP server architectures,
evidence-backed.

Stop guessing what good MCP server design looks like. Production-grade architecture from a corpus of 13 scored reference servers, 29 patterns, and 11 antipatterns — synthesized into 8 reusable archetypes.

Get the Skill Stack — $149Free corpus on GitHub

// 30-day refund · lifetime updates 12mo · cross-AI portable

// problem_statement

Every MCP tutorial says "use atomic tools".
None of them tell you which ones for your domain.

01

Maturity ≠ design quality

GitHub's official MCP scored 49/70 in the corpus — held back by god-tool dispatch and conditional required params. The simpler reference Filesystem MCP scored 59/70. The biggest project isn't always the best teacher.

02

Safety is non-negotiable, design is hard

Restricting an MCP server to "read-only" by string-matching SQL prefixes is safety theater (`; DROP TABLE` bypasses it). The corpus maps the AP-03 antipattern as a mitigation spectrum: same tool shape, different safeguards, different verdicts — from lethal (`mcp-bash`, no sandbox) to sanctioned (Cloudflare's V8-isolated Code Mode, 99.6% token reduction over 2,594 endpoints).

03

Patterns transfer, but only with citations

Stripe + Sentry + Cloudflare all converged on hosted-remote OAuth (P-21) — three independent domains, same pattern. Sentry's resource-resolver tool (P-26) showed how to collapse five detail handlers into one. Brodels pioneered episodic audit logs (canonical for D10). Every recommendation cites its evidence — so you can verify and adapt.

// what_you_get[]

9 skills.
One bundle.

The router auto-classifies your domain. The 8 archetype skills supply the prescriptive content. Each archetype includes a spec.md loaded on-demand — tool surface, auth, safety rails, antipatterns, worked skeleton, README requirements.

R

router · auto-invoked first

mcp-architecture-router

Maps the buyer's domain to one or more of 8 archetypes via a decision tree. Synthesizes hybrid architectures when multiple archetypes apply (the common case). Escalates to premium tier when high-risk patterns are present (money movement, prod infra, code merges, PII).

01

Read-Only Data Source

Databases, files, web content, search APIs, KBs. The LLM only reads — never mutates.

Postgres, S3, knowledge bases, REST APIs

02

Writable System

Create / update / delete in external systems. HIGH-RISK — always recommended with safety rails.

Stripe, Salesforce, Slack, internal CRMs

03

Search & Fetch

Two-step retrieval: search ranks summaries, fetch drills into chosen IDs.

Memory graphs, docs search, ticket search

04

Workflow Orchestrator

Multi-phase pipelines (CI/CD, AI agents, ETL). Cost + audit + safety per phase.

AI engineering pipelines, CI/CD, ETL

05

State / Memory

Cross-session memory: knowledge graphs, agent learning, shared team context.

Knowledge graphs, agent KBs, personal memory

06

UI / Browser Automation

Drive a browser or GUI. Accessibility-tree-first; pixel-vision opt-in.

Playwright, E2E tests, admin UIs

07

Observability / Telemetry

Investigate errors, logs, traces, metrics. Time-bounded, cost-aware queries.

Sentry, Datadog, PagerDuty, log aggregators

08

Code / Dev-Tools

Repos, PRs, CI, deploys. Inherits Writable rails + draft-by-default, branch protection.

GitHub, GitLab, Vercel, deploy pipelines

// how_it_works.sh

From "I want to build an MCP for X" to a production-grade spec in minutes.

01

Install

unzip mcp-architecture-skills-v0.1.zip
  -d ~/.claude/skills/

Drop the 9 skills into your Claude skills directory. Or commit to your project's .claude/skills/ for team-scoped use.

02

Describe

"I want Claude to interact
with our Postgres + Stripe."

In any Claude conversation, describe the system you want an MCP server for. The router auto-invokes and classifies.

03

Deliver

→ archetype 01 + 02 hybrid
→ 14-section spec
→ tool surface · auth · rails

Get a 2,000-6,000 word architecture spec: tool list with annotations, auth, safety rails, README requirements, antipatterns to avoid, first tool to implement.

// evidence_base

Every recommendation, cited.

No "best practices" floating in space. Every pattern, antipattern, and architectural choice in the bundle traces back to a specific server in the corpus — which is public and auditable.

13
Reference servers scored

Sentry 65 · Filesystem 59 · Stripe 58 · Cloudflare 57 · ...

29
Design patterns

P-01 through P-29 with corpus citations

11
Antipatterns

AP-01 through AP-11 (god-tools, safety theater, etc.)

8
Archetypes

Plus 1 router skill that picks for you

Sample scoring

65/70
Sentry MCP
highest in corpus · embedded agent tool (P-27) + resource resolver (P-26)
59/70
Filesystem MCP (reference)
canonical ToolAnnotations + safety theater warning
58/70
Stripe MCP
hosted-remote OAuth · prompt-injection warning
57/70
Cloudflare MCP
Code Mode (P-29) · 2,594 endpoints → 2 sandboxed tools
56/70
Brodels (internal CI/CD)
episodic logs · multi-gate destructive ops
55/70
Playwright MCP
accessibility-first · capability gating
49/70
GitHub MCP (official)
POSITIVE for read-only mode · NEGATIVE for god-tools
35/70
SQLite MCP
AP-11 safety theater (read-only via regex)
See full corpus on GitHub

// pricing

Four ways in.
Pick the one that fits.

The free corpus is genuinely useful by itself. The skill stack is for self- serve buyers. Audits are for buyers who want a tailored, human-reviewed spec. Consulting is for deep architectural review.

Free Corpus

$0

The evidence behind everything. 13 scored servers, rubric, patterns, antipatterns. MIT-licensed.

  • 13 reference servers scored on 14-dim rubric
  • 29 design patterns with citations
  • 11 antipatterns with corpus examples
  • Free forever, public, auditable
View on GitHub →
most popular

Skill Stack

$149

The 8 prescriptive archetype specs (not in the free corpus) + auto-invoking router. Describe your domain → get a 14-section spec back. Install into ~/.claude/skills/.

  • Router skill + 8 archetype skills
  • Each with prescriptive spec.md loaded on-demand
  • 12 months of updates
  • Cross-AI portable (Codex, Gemini, Cursor)
  • 30-day refund if not useful
Buy — $149

Audit (Baseline)

$79

Tailored architecture spec for YOUR domain. Within 24 hours. For read-mostly, internal, low-stakes systems.

  • Domain-specific tool surface
  • Auth, pagination, safety rails
  • Antipatterns to avoid for your domain
  • Corpus citations for every claim
  • Delivered within 24 hours
Buy Audit — $79

Audit (Premium)

$149

Baseline + blast-radius + threat model + recovery plan. For money, prod infra, PII, code merges.

  • Everything in Baseline
  • Per-tool blast-radius analysis
  • Per-tool prompt-injection threat model
  • Recovery plan for LLM mistakes
  • Human-in-the-loop policy recs
  • Delivered within 48 hours
Buy Premium — $149

Concierge consulting

1-hour deep-dive — $750

Zoom call + written follow-up reviewing your existing or planned MCP server. For architectural review of a real system, tradeoff discussions, or post-audit implementation questions.

Book — $750 →

// faq

Honest answers.

The corpus is open-source and you can verify every claim. Every pattern recommendation has a corpus citation (e.g., "from Stripe MCP 58/70"). The scoring rubric is public. If I cite a pattern with only 1 reference, I say so explicitly.

// who_built_this

Built by an engineer who's been
designing systems for 30+ years.

Gunnard Engebreth — Engineering Manager at Realtime Software Solutions, two Apress books on PHP 8, 13 live SaaS products. The MCP corpus was built by reading every reference server's source code, scoring them on a 14-dimension rubric, and synthesizing the patterns and antipatterns into reusable archetypes.

Get the Skill Stack — $149See other projects