Turning a World 50 membership into an MCP your members talk to in Claude
This page pairs with the interactive demo. It shows the architecture behind that experience and a realistic, phased plan to build it — flagging clearly what is proven technology today versus the frontier UI layer.
~16–20 weeks to private beta
Small squad: 2 eng · 1 PM · part-time design/security
Reuses existing W50 community, content & events systems
01Architecture: how the W50 MCP plugs into Claude
Members don't get a new app — they connect the "Security 50" server once, and their membership becomes a set of tools Claude can reason over and act on. W50 builds and owns the middle layer; everything to the right already exists in your stack.
The exact path behind the demo's "Mythos" answer — every step here is standard MCP behavior available today.
1
Member asks
Question lands in Claude. Claude sees the connected Security 50 tools.
2
Auth & scope
Token proves membership; server resolves which 50s, content & threads this member may see.
3
Tool calls
Claude calls search_member_discussions, search_content, list_huddles.
4
Retrieve
Server runs semantic search over your indexed threads & content, applies redaction.
5
Synthesize + cite
Claude composes the answer and renders source cards from structured results.
6
Act
Member RSVPs → rsvp_huddle writes to your events system & returns a calendar invite.
03Phased build plan
Assumes a small dedicated squad and that your community, content, and events platforms expose APIs (or a database we can read). Durations are working weeks; phases 2–4 overlap.
Phase
W1W2W3W4W5W6W8W10W12W14W16W20
0 · Discovery
PM · Security · Eng lead
2–3 wks
1 · Server + Auth
Backend eng
scaffold + OAuth
2 · Read tools
Backend + retrieval
content + discussions
3 · Events + RSVP
Backend eng
write actions
4 · Governance
Security + Eng
runs in parallel
5 · Private beta
PM + member cohort
10–15 members
6 · GA + rich UI
Full squad
incl. inline widgets
P0
Discovery & data mapping
2–3 wks
Inventory the source systems (community, CMS, events, identity) and how to read them — API vs. DB vs. export.
Define the entitlement model: which membership tiers see which 50s, threads, and content.
Set the Chatham House / redaction policy — what's quotable, what's attributed, what's off-limits.
Output: data + permissions map, tool spec, redaction rules.
P1
MCP server + auth
3–4 wksProven
Stand up the MCP server (TypeScript or Python SDK) over streamable HTTP.
Wire OAuth 2.1 to your membership SSO; map tokens → scopes.
Ship a "hello" tool to validate end-to-end in Claude desktop.
Output: an authenticated, connectable Security 50 server.
P2
Read tools + retrieval
~4 wksProven
Index member discussions & content (embeddings + search).
Implement search_content and search_member_discussions with structured, citable results.
Tune relevance against real member questions.
Output: Claude answers grounded in proprietary W50 knowledge with sources.
P3
Events + write actions
~3 wksProven
list_huddles surfaces upcoming events by topic.
rsvp_huddle writes registration back & returns a calendar invite / .ics.
Confirmation, seat limits, and double-RSVP handling.
Output: members can act — RSVP — not just read.
P4
Governance & trust
~3 wks · parallel
Per-request entitlement enforcement and redaction at the server.
Full audit log of what was retrieved and shown to whom.
Output: validated experience + a credible internal case study.
P6
GA & the rich inline UI
ongoingFrontier UI
Roll out across additional 50s; the same server pattern extends to every community.
Layer in interactive inline cards & the in-chat RSVP button via MCP's emerging UI/embedded-resource support — the data and action are already live from P2–P3; this is purely the presentation upgrade.
Until that UI is universal in every client, the fallback (Claude proposes → member confirms → tool fires) ships the same outcome everywhere today.
Note: this is the one part marked amber in the demo. Nothing here blocks launch — it's an enhancement on top of a working integration.
04Risks & how we de-risk them
None of these are technology blockers — they're the design and policy decisions that determine member trust.
Risk
Severity
Mitigation
Confidentiality of member discussions (Chatham House)
High
Redaction + entitlement engine in the server; attribution rules set in P0; full audit trail; member opt-in to having their contributions surfaced.
Entitlements — wrong member sees wrong content
High
Scope checks enforced server-side on every request, never client-side; tested as a dedicated security workstream in P4.
Inline interactive UI not universal across clients
Med
Treat rich widgets as progressive enhancement; ship the confirm-then-act fallback that works in every client today.
Source systems lack clean APIs
Med
P0 discovery confirms access path; read-replica or export pipeline as fallback to indexing.
Answer quality / hallucination on niche topics
Low
Retrieval-grounded answers with visible citations; members can see and click every source; tune in beta.
Bottom line: Phases 0–5 deliver the full experience in the demo using technology that ships in Claude today. The only frontier piece (P6) is the in-chat interactive widget styling — and it sits on top of an integration that already works, so it never gates a launch.