Why I built a public MCP server for Makuri

When someone asks Claude or ChatGPT about your company, what do they say?

For most companies, the answer is "nothing useful." For some, it's "something confidently wrong." For a small but growing number, it's "this is what they actually offer, current as of today, sourced directly from the company's own server."

That last group is where AI Visibility lives. Earlier this month I moved Makuri — the AI tutoring platform I run for immigrant children aged 12–15 in the EU — into that group. The mechanism is a public Model Context Protocol server, live at mcp.cogniledger.eu, exposing eight read-only tools: pricing, supported languages, subjects covered, safety features, compliance posture, contact channels, the technology stack, and a general platform-info block. No user data flows through it. No environment variables. No authentication.

This article is the first of three. It explains why I built it. The second covers how. The third covers what it's worth.

The discoverability gap

When an AI assistant fields a question about your company today, three things can happen.

It might know nothing — your company is too small to appear meaningfully in training data. It hedges, redirects, or hallucinates.

It might know something stale — a pricing page from two years ago, an old positioning statement, a feature you sunset. The user receives confidently wrong information attributed to your brand, and you don't get to correct it.

It might know something current — but only because your website is structured well enough for the assistant's web tool to parse. This works for the simplest questions. It fails for anything requiring authoritative, structured data.

There's a fourth option, and it's what MCP unlocks: the assistant queries your authoritative data source directly. Not your blog. Not a scrape. The current state of your product, served by you, designed for machine consumption.

That's what mcp.cogniledger.eu does for Makuri. Anyone running an MCP-aware client can connect and ask "what subjects does Makuri teach?" or "what's their stance on training models on user data?" and get an answer that comes from me, that I'm responsible for, and that I can update in five minutes when something changes.

Why public, read-only, and zero user data

This shape isn't accidental. It's the version of an MCP server that's safest to ship first, and it's the version most SMBs should ship first.

Public means anyone with an MCP client can discover and use it. It also means I could publish to the Official MCP Registry and let the directory ecosystem handle the rest of the discovery work. (More on that in Part 2.)

Read-only means there's no write surface to attack, no rate-limiting to engineer beyond what Vercel handles by default, no transaction integrity to worry about. The blast radius of any bug is "wrong information returned" — bad, but fixable in a deploy, not a security incident.

Zero user data is the big one. The moment a server touches PII, the GDPR conversation gets serious: Data Processing Agreements, lawful basis, subject access request handling, data residency. For a public showcase, none of that needs to be in scope. The server returns facts about my product — facts I'd happily print on a billboard. The compliance footprint approaches zero.

For an EU SMB, that combination — public, read-only, zero user data — is the fastest path to a working AI Visibility artifact. It's also the cleanest playbook to copy. If you're a 30-person fintech in Bucharest or a 60-person logistics SaaS in Prague, you don't need to start with the version that exposes customer accounts or order history. You start with the version that answers "what do you do, who do you serve, what does it cost, what's your security posture."

Why Makuri specifically

Makuri is an unusually demanding test case for this pattern.

It's an AI product, so the audience asking AI assistants about it is exactly the audience that would discover it through MCP.

It serves children, which puts it under EU AI Act high-risk classification and triggers GDPR-K obligations on top of standard GDPR. If the public-MCP pattern works for Makuri, it works for the long tail of EU SMBs with much simpler compliance profiles.

It's a real product I run, not a hypothetical. The MCP server reflects current beta pricing, current language coverage, and current honest answers about whether DPAs with model providers are signed. (They aren't. The server says so.) That's harder than building a marketing demo because the truthful answers aren't always the flattering ones — and the discipline of saying so out loud is part of the credibility the artifact buys.

What this is, in business terms

I run CogniLedger Solutions, a Bucharest-based AI consulting practice. One of the services I'm bringing to market is AI Visibility — helping EU SMBs become discoverable to AI assistants through Answer Engine Optimization and public MCP servers.

The Makuri MCP server is the showcase. Before I tell a prospective client "you should ship one of these," I need a working one of my own — built on the same stack I'd recommend, in production, public, and good enough that another developer would copy the pattern.

That's now done. Part 2 walks through how it got there, and which decisions I'd make differently.