Summary
A remote MCP server that turns your personal devices into callable resources through authenticated capability invocation. Built on Supabase with OAuth 2.1 auth, it exposes tools like list_devices, invoke_device_capability, and get_artifact so LLM clients can discover what your phone or laptop can do and trigger one-shot actions like camera_capture, screen_capture, or contacts.find_contact. The control plane lives in Postgres with RLS, jobs get queued for device runtimes to consume, and results come back as structured data or artifact references. Reach for this when you want Claude or other agents to coordinate across your own hardware without building yet another API gateway. v1 focuses on request-response patterns, with WebRTC streaming planned for v2.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Sensact
Sensact is a Supabase-hosted remote MCP device platform.
The goal is to let LLM clients such as Codex or Claude discover and invoke capabilities on user-owned devices through a standard MCP server, while Supabase Auth provides the OAuth 2.1 authorization flow and Postgres + Realtime + Storage provide the control plane.
MCP Registry Preview
Sensact is prepared for the official MCP Registry as a remote-only public preview server.
- Registry name:
io.github.sensact-agents/sensact - Registry metadata file: server.json
- Canonical repository:
https://github.com/sensact-agents/Sensact - Public preview MCP URL:
https://helavgrvwipmdvyejfom.supabase.co/functions/v1/mcp - Public preview protected resource metadata:
https://helavgrvwipmdvyejfom.supabase.co/functions/v1/mcp/.well-known/oauth-protected-resource - Public preview authorization server metadata:
https://helavgrvwipmdvyejfom.supabase.co/auth/v1/.well-known/oauth-authorization-server
Current Scope
v1 is focused on one-shot device capability invocation:
- list devices visible to the authenticated user
- inspect device capabilities
- invoke simple device capabilities through jobs
- return structured results or artifact references
Reference v1 capabilities:
vision.camera_capturecontacts.find_contactvision.screen_capture
Planned later phases:
v2:WebRTCmedia sessions for realtime audio/videov3: advanced actions and realtime inference orchestration
Repository Layout
- docs
- Product, architecture, data model, MCP API, Supabase schema, consent, runtime design
- schemas/mcp
- JSON Schema contracts and MCP tool registration metadata
- services/mcp-service
- Shared TypeScript package for MCP tool definitions and server-side structure
- services/oauth-consent-app
- Browser auth + consent UI for the Supabase OAuth server at
/and/oauth/consent
- Browser auth + consent UI for the Supabase OAuth server at
- supabase
- Edge Function MCP gateway, migrations, config, seed
Not part of this repository snapshot:
- mediapipe
- ignored as a nested upstream repository
Key Documents
- sensact-app-product-design.md
- sensact-system-architecture.md
- sensact-mcp-api.md
- sensact-supabase-schema.md
- sensact-oauth-consent.md
Current Implementation Status
Implemented in this repository:
Supabase Edge FunctionMCP gateway at supabase/functions/mcp- protected resource metadata and
WWW-Authenticatechallenge for remote MCP OAuth list_devices,list_device_capabilities,invoke_device_capability,get_artifact- Supabase SQL migrations for core registry, capability, execution, artifact, and RLS setup
- browser auth app with Google sign-in, magic-link fallback, and OAuth consent UI for
Supabase Auth
Known limitations:
- No real device runtime is wired yet, so device discovery depends on external device registration
invoke_device_capabilityrequires an actual device runtime to consume jobs and write results- The consent app should be served from
https://www.sensactagent.com/oauth/consentin production
Prerequisites
Node.js 20+npmSupabase CLI- a
Supabaseproject with:- OAuth server enabled
- dynamic OAuth app registration enabled
- this repository linked or configured against that project
Local Development
1. MCP shared package
cd /Users/luolingfeng/Sensact/services/mcp-service
npm install
npm run typecheck
2. Web auth app
cd /Users/luolingfeng/Sensact/services/oauth-consent-app
cp .env.example .env
Set:
VITE_SUPABASE_URLVITE_SUPABASE_ANON_KEY
Then run:
npm install
npm run dev
For local development the web auth app runs at:
http://127.0.0.1:3000/
http://127.0.0.1:3000/oauth/consent
Production web auth URLs:
https://www.sensactagent.com/
https://www.sensactagent.com/oauth/consent
3. Supabase schema and function deployment
Push migrations:
cd /Users/luolingfeng/Sensact
supabase db push --linked --yes
Deploy the MCP function:
cd /Users/luolingfeng/Sensact
supabase functions deploy mcp --project-ref <project-ref> --use-api --no-verify-jwt
--no-verify-jwt is intentional. The gateway must return its own 401 + WWW-Authenticate challenge for remote MCP discovery.
MCP Endpoints
Public preview server URL:
https://helavgrvwipmdvyejfom.supabase.co/functions/v1/mcp
Public preview protected resource metadata:
https://helavgrvwipmdvyejfom.supabase.co/functions/v1/mcp/.well-known/oauth-protected-resource
Public preview authorization server metadata:
https://helavgrvwipmdvyejfom.supabase.co/auth/v1/.well-known/oauth-authorization-server
Deployment template:
https://<project-ref>.supabase.co/functions/v1/mcp
https://<project-ref>.supabase.co/functions/v1/mcp/.well-known/oauth-protected-resource
https://<project-ref>.supabase.co/auth/v1/.well-known/oauth-authorization-server
Using With MCP Clients
Registry lookup:
curl "https://registry.modelcontextprotocol.io/v0/servers?search=io.github.sensact-agents/sensact"
Fallback install for Codex:
codex mcp add sensact --url https://helavgrvwipmdvyejfom.supabase.co/functions/v1/mcp
Log in through Supabase OAuth:
codex mcp login sensact
Check status:
codex mcp list
codex mcp get sensact
Fallback install for Claude Code:
claude mcp add --transport http sensact https://helavgrvwipmdvyejfom.supabase.co/functions/v1/mcp
Publishing To MCP Registry
The repository publishes to the official MCP Registry from Git tags via GitHub Actions OIDC.
Create and push a release tag:
git tag vX.Y.Z
git push origin vX.Y.Z
The workflow at .github/workflows/publish-mcp.yml will:
- run the repository-level publication tests
- typecheck
services/mcp-service - test and build
services/oauth-consent-app - smoke test the public preview MCP endpoint
- validate
server.jsonagainst its$schema - stamp the pushed tag version into
server.json - authenticate with
mcp-publisher login github-oidc - publish
io.github.sensact-agents/sensactto the Registry
After publication, verify the public entry:
curl "https://registry.modelcontextprotocol.io/v0/servers?search=io.github.sensact-agents/sensact"
Verification Commands
Consent app:
cd /Users/luolingfeng/Sensact/services/oauth-consent-app
npm test
npm run build
MCP shared package:
cd /Users/luolingfeng/Sensact/services/mcp-service
npm run typecheck
Registry publication assets:
cd /Users/luolingfeng/Sensact
node --test scripts/registry-publication.test.mjs
node scripts/validate-server-json.mjs
node scripts/smoke-test-remote-mcp.mjs
Remote MCP discovery:
curl -i https://helavgrvwipmdvyejfom.supabase.co/functions/v1/mcp
curl -i https://helavgrvwipmdvyejfom.supabase.co/functions/v1/mcp/.well-known/oauth-protected-resource
curl -i https://helavgrvwipmdvyejfom.supabase.co/auth/v1/.well-known/oauth-authorization-server
Git
Current repository bootstrap:
- commit:
d394e5b - tag:
v0.1.0
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →