mcp-handoff / annuity-search-engine
Handoff document·Prepared for annuity-search-engine/platform

MCP setup & handoff package, generated live for your stack.

Claude Code wired to your repo as the single source of truth, seven MCP servers across two phases, and a credential runbook you can self-serve. This page is the working preview of the Phase 1 deliverable: it builds a valid .mcp.json for your exact stack, right here.

Phase 1 Foundation · 4 serversPhase 2 Production · 3 serversPhase 3 Deferred · 2 servers
01 The stack at a glance

Every server, what it does for your workflow, and how it connects.

Seven MCP servers ship across Phase 1 and Phase 2; two more are staged for Phase 3. Each one is mapped to a real job in the annuity-search-engine workflow, not just installed for its own sake.

PHASE 1Foundation1-2 days
FS

Filesystem MCP

Sandboxed repo read / write

Direct, sandboxed read and write into your annuity-search-engine/platform clone, so Claude Code edits real files instead of working from pasted snippets. Access is fenced to the paths you list.

local · stdiono keyofficial
GH

GitHub MCP

Branches, PRs, issues, reviews

Branch, open PRs, review, and manage issues against annuity-search-engine/platform directly, keeping the repo as the single source of truth. GitHub's official remote server is the default; a local Docker build is the offline fallback.

remote · httpneeds credentialofficial
FG

Figma Dev Mode MCP

Dev-Mode specs & variables

Pull Dev-Mode specs, variables, and exact measurements from your design files so landing-page work is pixel-accurate. The official desktop server runs on loopback with no key.

local · httpno keyofficial
WF

Web Fetch MCP

Fetch & read live URLs

Fetch and read live URLs for research and to verify competitor annuity data, rates, and citations before they land in the product. Anthropic's Python reference server, no key.

local · stdiono keyofficial
PHASE 2Production MCPs2-3 days
IM

Image Generation MCP

On-brand images from a prompt

Generate on-brand hero and social imagery for landing pages from a prompt. Your brief names Ideogram (preferred) or Replicate; the recommendation panel explains why the provider choice matters for reliability.

local · stdioneeds credentialcaveat
WB

Webflow MCP

Publish landing pages

Publish and update landing pages and CMS items directly to your Webflow site from Claude Code. The official remote server uses OAuth, so no token sits in the repo.

remote · sseno keyofficial
SL

Slack MCP

Team channel integration

Post build updates and read team messages so the workflow reaches your Slack channel. The old reference server was archived; this uses the actively maintained community server.

local · stdioneeds credentialcommunity
PHASE 3Future (deferred)later phase
HG

HeyGen MCP

Avatar video (deferred)

Generate avatar and explainer videos via API for marketing. Deferred to Phase 3 in your brief, and worth a caveat before you commit to it.

local · stdioneeds credentialcaveat
EL

ElevenLabs MCP

Voiceover / TTS (deferred)

Voiceover and text-to-speech for video automation. Deferred to Phase 3; the official ElevenLabs server is well maintained.

local · stdioneeds credentialofficial
02 Live .mcp.json generator

Toggle your servers. Get a validated config, install steps, and a key checklist.

This is the working core of the handoff package. Pick the servers and options, and it generates the exact .mcp.json to commit to your repo root, the per-OS install commands, and the list of credentials to provision. It validates as you go and never touches the network.

.mcp.json generator · annuity-search-engine/platformvalidates locally · no fetch
Phase 1 · Foundation
Phase 2 · Production
Phase 3 · Deferred
Parameters
{
  "mcpServers": {
    "filesystem": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-filesystem",
        "/Users/you/code/annuity-search-engine"
      ]
    },
    "github": {
      "type": "http",
      "url": "https://api.githubcopilot.com/mcp/",
      "headers": {
        "Authorization": "Bearer ${GITHUB_PERSONAL_ACCESS_TOKEN}"
      }
    },
    "figma": {
      "type": "http",
      "url": "http://127.0.0.1:3845/mcp"
    },
    "fetch": {
      "command": "uvx",
      "args": [
        "mcp-server-fetch"
      ]
    }
  }
}
Valid .mcp.json· 4 servers· 1 credential· node + uv runtime
Recommendation

Ideogram or Replicate for image generation?

Your brief says Ideogram preferred, or Replicate. Straight answer: today Ideogram ships no official MCP server (only community packages under 5 stars), while Replicate ships an official, hosted one with OAuth and no key in your repo. So for a reliable Phase 2 I default to Replicate’s official server. If you specifically want Ideogram’s text rendering, I’d wrap the Ideogram v3 API in a small first-party MCP server I maintain, rather than depend on an unmaintained package. Toggle the provider above to see both configs side by side.

03 Per-server setup

Every server, step by step, with the exact config and a verify command.

Expand any server for the real setup steps, the credential it needs and where to create it, the .mcp.json entry, and the one command that confirms it connected.

Direct, sandboxed read and write into your annuity-search-engine/platform clone, so Claude Code edits real files instead of working from pasted snippets. Access is fenced to the paths you list.

  1. Confirm Node.js is installed (node --version); the server runs via npx, no global install.
  2. Pass the absolute path to your repo clone as an allowed directory (currently /Users/you/code/annuity-search-engine). Add more paths as extra arguments to widen the sandbox.
  3. Add the entry below to .mcp.json at the repo root, then run claude and approve the project server when prompted.
  4. Ask Claude Code to list the files in the repo root to confirm read access.
{
  "filesystem": {
    "command": "npx",
    "args": [
      "-y",
      "@modelcontextprotocol/server-filesystem",
      "/Users/you/code/annuity-search-engine"
    ]
  }
}
verify →claude mcp list # filesystem shows ✓ Connected
04 Credential handoff runbook

Every key documented, shared once, and never committed.

This is how credentials are created, recorded, and handed to you, so you can rotate or revoke any of them without me in the loop. It maps directly to your OneTimeSecret and per-phase handoff requirements.

01

Create least-privilege

One key per service, scoped to the annuity-search-engine repo/site only. Never account-wide.

02

Document it

Every credential gets a row in the register: what, where created, scope, owner, rotation date.

03

Share via OneTimeSecret

The secret value moves through a one-time, self-destructing link. Nothing sensitive in chat or email.

04

Reference, never store

The .mcp.json holds ${VAR} only. The value lives in a gitignored .env, so the repo stays clean.

Credential register (delivered per phase)

CredentialScopeRotation
GITHUB_PERSONAL_ACCESS_TOKEN
GitHub fine-grained PAT
annuity-search-engine/platform only · Contents, PRs, Issues90 days
REPLICATE_API_TOKEN
Replicate API token
Image generation · per-machineon offboarding
WEBFLOW_TOKEN
Webflow site token
Site-scoped · CMS + Pageson offboarding

You receive the full register for every credential created, plus an owner column, at the end of each phase.

Nothing sensitive in git

secrets pattern
# .env  (gitignored, never committed)
GITHUB_PERSONAL_ACCESS_TOKEN=github_pat_xxx   # fine-grained, repo-scoped
REPLICATE_API_TOKEN=r8_xxx                    # Phase 2, image generation
WEBFLOW_TOKEN=wf_xxx                          # Phase 2, if using local server

# Claude Code expands ${VARS} from here into .mcp.json.
# .gitignore already contains: .env and .env.local
The rule. The generated .mcp.json is safe to commit because it contains only ${VAR} references. Remote OAuth servers (GitHub, Webflow, Figma remote) store no token at all.
05 Repo as the single source of truth

~60 files, migrated into a clean structure with history intact.

Claude Code works best when the repo is the source of truth and the structure is legible. Here is the target layout and the migration plan for annuity-search-engine/platform.

target structure
annuity-search-engine/
├── .mcp.json               # 7 MCP servers, project-scoped, committed
├── CLAUDE.md               # standing brief Claude Code reads every session
├── .env                    # gitignored, secrets as ${VARS}, never committed
├── .gitignore
├── README.md
├── src/                    # app code, migrated from your project folder
│   ├── search/             #   annuity search + ranking
│   ├── data/               #   providers, ingestion, normalization
│   └── ui/                 #   landing pages, components
├── docs/                   # the handoff packages, one per phase
│   ├── phase-1-handoff.md
│   └── credential-register.md
├── design/                 # Figma exports, brand assets
└── scripts/                # ops + automation
  1. Audit the ~60 files in your current project folder and categorize them (app code, data, design, docs, scratch).
  2. Agree the target structure with you before moving anything.
  3. Migrate with git mv so file history is preserved, not lost to a bulk copy.
  4. Add CLAUDE.md, .mcp.json, and .gitignore at the root; seed CLAUDE.md with the repo map and conventions.
  5. Push to annuity-search-engine/platform and set it as the single source of truth; enable branch protection on main.
Why CLAUDE.md matters. It is the standing brief Claude Code reads on every run: the repo map, your conventions, and the guardrails. It is what turns the migration into something you can self-serve.
06 Self-serve ops guide

The handful of commands that keep you independent.

You asked for documentation so you can self-serve basic ops. This is it: the everyday commands, how to add or change a server, and the five issues you are most likely to hit, each with a one-line fix.

Everyday commands

claudestart Claude Code in the repo
claude mcp listsee every server + health
claude mcp get githubinspect one server
/mcpsign in to OAuth servers, in-session
claude doctordiagnose the install

Add or change a server

edit .mcp.jsonadd/remove a server, then re-approve
claude mcp add …add without hand-editing
claude mcp remove slackdrop a server
claude mcp reset-project-choicesre-run project approval
If you see thisDo this
Server shows ⏸ Pending approvalRun claude in the repo and approve the project server (once).
Server shows ✗ failedThe referenced ${VAR} is not set. Export it in your .env and reload.
Figma won't connectOpen the desktop app, enter Dev Mode, and enable the local MCP server.
`uvx: command not found`Install uv (see the generator's install tab), then reopen the shell.
Local GitHub server failsDocker isn't running. Start Docker Desktop, or switch GitHub to remote.
07 Per-phase verification checklist

What “done” means, so we both know when a phase ships.

Each phase closes against a concrete acceptance list, not a vibe. This is the same checklist that goes in the handoff package. Tick through it to see the shape of the sign-off.

Phase 1 · Foundation

0/8 · 1-2 days

Phase 2 · Production

0/6 · 2-3 days