rabbitblood 40bd0cfdde fix: restore build infrastructure deleted by bad PR #59 merge

[Molecule-Platform-Evolvement-Manager]

PR #59 (commit dae42e2) was merged ~2 weeks ago with a bad diff that
deleted all Next.js/Fumadocs build files (package.json, app/, lib/,
source.config.ts, tsconfig.json, etc.) and most MDX content pages.
This broke the Vercel build, taking doc.moleculesai.app offline.

Root cause: the PR branch was likely rebased or reset to a state that
only contained the marketing/ subtree, so the merge diff showed
deletions for every other file.

This commit:
1. Restores all build infrastructure from the last good commit (86fa0e9)
2. Restores 25 deleted MDX content pages (concepts, quickstart, etc.)
3. Adds frontmatter (title) to 55 .md files added post-bad-merge that
   were missing the required YAML frontmatter for Fumadocs
4. Removes duplicate quickstart.mdx (superseded by quickstart.md)
5. Adds CI workflow (.github/workflows/ci.yml) to catch build failures
   on PRs before merge — this would have prevented the outage

Build verified: 99 static pages generated successfully.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-22 14:03:24 -07:00

4.0 KiB

Raw Blame History

title
Molecule AI + opencode Integration

Molecule AI + opencode Integration

opencode is an AI coding agent (opencode.ai) that supports remote MCP servers via opencode.json. This guide shows how to wire it to your Molecule AI workspace.

Prerequisites

A running Molecule platform (MOLECULE_MCP_URL — e.g. https://api.molecule.ai)
A workspace-scoped bearer token (MOLECULE_MCP_TOKEN) issued via the platform API

1. Declare Molecule as a remote MCP server

Create (or extend) opencode.json in your project root:

{
  "mcpServers": {
    "molecule": {
      "type": "remote",
      "url": "${MOLECULE_MCP_URL}/workspaces/${WORKSPACE_ID}/mcp",
      "headers": { "Authorization": "Bearer ${MOLECULE_MCP_TOKEN}" },
      "description": "Molecule AI A2A orchestration — delegate_task, list_peers, check_task_status"
    }
  }
}

⚠️ Never embed the token in the URL (e.g. ?token=...). Always use the Authorization: Bearer header. URL-embedded tokens appear in server logs, browser history, and Git history if the file is committed.

A pre-configured template is available at org-templates/molecule-dev/opencode.json.

2. Obtain a workspace-scoped token

curl -X POST https://$MOLECULE_MCP_URL/workspaces/$WORKSPACE_ID/tokens \
  -H "Authorization: Bearer $ADMIN_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name": "opencode-agent", "scopes": ["mcp:read", "mcp:delegate"]}'

Store the returned token as MOLECULE_MCP_TOKEN in your .env (see .env.example).

3. Available tools

When opencode connects to the Molecule MCP endpoint, the agent gains access to:

Tool	Description
`list_peers`	Discover available workspaces in your org
`delegate_task`	Send a task to a peer workspace and wait for the result
`delegate_task_async`	Fire-and-forget task delegation; returns a `task_id`
`check_task_status`	Poll an async delegation by `task_id`
`commit_memory`	Persist information to LOCAL or TEAM memory scope
`recall_memory`	Search previously committed memories

Restricted tools

send_message_to_user — disabled for remote MCP callers by default; requires explicit opt-in via MOLECULE_MCP_ALLOW_SEND_MESSAGE=true
GLOBAL memory scope — commit_memory with scope: GLOBAL is blocked for external agents; LOCAL and TEAM scopes are available

4. Example: delegate a research task

{
  "tool": "delegate_task",
  "arguments": {
    "target": "research-lead",
    "task": "Summarise the last 7 days of commits in Molecule-AI/molecule-monorepo"
  }
}

opencode sends this tool call to the Molecule MCP endpoint. The platform routes it to your research-lead workspace and streams the response back.

5. Security notes

SAFE-T1401 — org topology exposure

list_peers returns the full set of workspace names and roles visible to your workspace. This is intentional: provisioned agents need to know their peers to delegate effectively. Be aware that any opencode agent with a valid MOLECULE_MCP_TOKEN can enumerate your org topology.

SAFE-T1201 — tool surface audit pending

The full @molecule-ai/mcp-server npm package exposes additional tools beyond those listed above. These are pending a SAFE-T1201 security audit (tracked in #747 follow-on) and must not be exposed to external agents in production until that audit completes.

Token scoping

Issue tokens with the minimum required scopes (mcp:read, mcp:delegate). Rotate tokens regularly. Revoke via DELETE /workspaces/:id/tokens/:token_id.

6. Environment variables

Add to your .env:

MOLECULE_MCP_URL=https://api.molecule.ai   # or http://localhost:8080 for local dev
MOLECULE_MCP_TOKEN=                         # workspace-scoped bearer token from step 2
WORKSPACE_ID=                               # UUID of the agent workspace opencode acts as
                                            # find it in Canvas sidebar or GET /workspaces

See .env.example for the canonical reference.

4.0 KiB Raw Blame History