WayCup Hub MCP: Global AI Architecture

🎯 Implementation (2026-05-18)

Established a global, unified “Engine Room” for Gemini CLI to ensure orchestration IP is retained by WayCup while work is pushed to clients.

🧱 Components

  1. Master Hub SA: [email protected].
  2. Domain-Wide Delegation (DWD): Registered on both waycupcreative.com and thedogwizard.com.
  3. 1Password “WayCup Security” Vault: Secure locker for the Hub SA JSON key (Item ID: zqzlnhwk7qxh5ar36idbvehb6i).

🛠️ Security: Zero-Disk Credentials

Implemented ~/.gemini/mcp-wrapper.sh. This script:

  • Loads environment variables from .env.
  • Uses op read to fetch the SA key directly into memory, as the GOOGLE_APPLICATION_CREDENTIALS_JSON environment variable.
  • Ensures no JSON keys are ever written to the local disk.
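
A minimal sketch of the three behaviours listed above, as an added example and not the actual ~/.gemini/mcp-wrapper.sh. OP_SECRET_REF, ENV_FILE and SECRET_READER are assumed names, and the .env file is parsed rather than sourced so that it cannot run commands.

```shell
#!/bin/sh
# Added example, not the real mcp-wrapper.sh. Assumed names: OP_SECRET_REF
# (an op:// secret reference kept in .env), ENV_FILE, and SECRET_READER
# (hypothetical hook so the secret reader can be stubbed in tests).

# Parse KEY=VALUE lines instead of sourcing the file, so an edited .env in a
# client directory cannot run commands. Values are literal (quotes are kept).
load_env_file() {
  [ -f "$1" ] || return 0
  while IFS= read -r line || [ -n "$line" ]; do
    case $line in ''|'#'*) continue ;; esac
    name=${line%%=*}
    case $line in *=*) ;; *) name='' ;; esac
    case $name in
      ''|[0-9]*|*[!A-Za-z0-9_]*) echo "rejected .env line" >&2; return 1 ;;
    esac
    export "$name=${line#*=}"
  done < "$1"
}

# Fetch the service-account key into the environment only; no temp file.
fetch_sa_key() {
  [ -n "${OP_SECRET_REF:-}" ] || { echo "OP_SECRET_REF is not set" >&2; return 1; }
  set +x  # make sure xtrace cannot copy the key into a log
  sa_json=$("${SECRET_READER:-op}" read "$OP_SECRET_REF") ||
    { echo "secret read failed" >&2; return 1; }
  case $sa_json in
    *'"type"'*'"service_account"'*) ;;
    *) echo "secret is not a service-account key" >&2; return 1 ;;
  esac
  export GOOGLE_APPLICATION_CREDENTIALS_JSON="$sa_json"
  # Drop the local copy and any key-file path inherited from the parent shell.
  unset sa_json GOOGLE_APPLICATION_CREDENTIALS
}

run_wrapped() {
  load_env_file "${ENV_FILE:-.env}" || return 1
  fetch_sa_key || return 1
  unset OP_SECRET_REF SECRET_READER
  exec "$@"  # the wrapper is replaced; only the child holds the key
}

# Usage: mcp-wrapper.sh <server command...>; with no arguments only the
# functions are defined.
[ "$#" -eq 0 ] || run_wrapped "$@"
```

A key held in an environment variable is still readable by other processes of the same user (on Linux through /proc/<pid>/environ) and is inherited by every child the server spawns, so zero-disk narrows exposure rather than removing it.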

🌐 Directory Inference

Gemini CLI now automatically switches context using local .env files:

  • GCP_ADMIN_EMAIL: Sets the impersonation subject for Workspace tasks.
  • GOOGLE_CLOUD_PROJECT: Targets the correct GCP project.