Sponsored by Deepsite.site

MCP.so

Ebenova Scope Guard - AI Contract Scope Violation Detector

Created By
Ebenova Solutions22 days ago
AI-powered contract scope violation detector. Paste contract + client message, get violation type, severity, 3 professional response drafts, and change order pricing. Zero API competitors.
# legal
# contracts
OverviewContentToolsComments
Overview

Signova — AI-Powered Legal Document Platform

getsignova.com · ebenova.dev · api.ebenova.dev

Signova generates professional legal documents, contracts, invoices, and compliance reports using AI — built for freelancers, agencies, and small businesses who need legal protection without lawyer fees.

Overview

Signova ships three surfaces from a single codebase:

  • Consumer web app at getsignova.com — pay-per-document generation, promo redemption, buyer capture
  • Developer platform at ebenova.dev + api.ebenova.dev — subscription API with keys, usage tracking, and Stripe billing
  • MCP servers — Model Context Protocol servers that expose the same legal/insights/scope tooling to AI agents (Claude Desktop, Cursor, etc.)

The platform generates 34 document types (NDAs, contracts, offer letters, privacy policies, invoices, change orders, etc.) with jurisdiction-aware drafting for Canada (PIPEDA + Quebec Law 25), the United States (CCPA/CPRA + state privacy laws), the United Kingdom (UK GDPR), the European Union (GDPR), Nigeria (NDPA 2023), South Africa (POPIA), Kenya (DPA 2019), and Ghana (DPA 2012) — all with geo-aware currency detection and locale-specific drafting via Anthropic Claude.

Live URLs

SurfaceURL
Consumer sitehttps://www.getsignova.com
Developer sitehttps://www.ebenova.dev
API basehttps://api.ebenova.dev
OpenAPI spec (file)openapi.yaml

Architecture

Browser / AI Agent
Vercel Edge (vercel.json routing + redirects)
      ├─ Static SPA:  Vite build of src/  →  React 19 + React Router 7
      └─ Serverless:  api/*.js  (Node.js functions)
             ├─ Upstash Redis        (API keys, usage, promo state, rate limits)
             ├─ Anthropic Claude     (document generation, scope analysis)
             ├─ Stripe               (consumer checkout + API subscriptions)
             ├─ Resend               (transactional email, waitlist, receipts)
             ├─ Paystack / OxaPay    (Africa + crypto payments)
             └─ Groq                 (fast previews, insight drafts)

Deployed on Vercel (project signova, owner ebenovasolu-5755s-projects). Cron jobs defined in vercel.json drive /v1/insights/poll (every 15 min) and /api/cron/ots-upgrade (every 2 hours).

Tech Stack

LayerTechnology
FrontendReact 19, Vite 7, React Router 7, Phosphor Icons
BackendVercel Serverless Functions (Node.js, ESM)
ValidationZod 3
DataUpstash Redis (serverless REST)
AIAnthropic Claude (primary), Groq (previews/drafts)
PaymentsStripe (primary), Paystack (NGN), OxaPay (crypto), Flutterwave
EmailResend
AnalyticsVercel Analytics, Vercel Speed Insights
MCP@modelcontextprotocol/sdk
TestingVitest, @testing-library/react, jsdom

Features

Document generation

  • 34 document types: NDA, freelance/service/consulting agreements, employment offer letters, privacy policy, terms of service, invoices, change orders, scope analysis, and more
  • Jurisdiction-aware drafting across Canada, USA (with state-level awareness), UK, EU, Nigeria, South Africa, Kenya, and Ghana
  • Free Groq-powered preview (api/generate-preview.js), premium Claude output on payment verification (api/generate.js, api/v1/documents/generate.js)
  • Conversation-to-document extraction (api/v1/extract/conversation.js)

Promo system

Promo codes bypass payment to unlock one free document. State is stored in Upstash Redis (promo_uses:CODE counters, promo_ratelimit:IP per-IP hourly limiter). IP rate limit: 5 attempts/hour. All codes defined in api/promo-redeem.js.

CodeDescriptionMax usesExpires
SIGNOVA10General discount5002026-12-31
OLUMIDEFounder access (unlimited testing)9,9992027-12-31
AFRICATaryl African Founders Community1,2002026-12-31
KREDOKredo partnership202026-12-31
MEST2026MEST cohort1002026-12-31
CCHUBNIGCcHUB Nigeria2002026-12-31
BAOBAB26Baobab Network cohort802026-12-31
ACCLAFRICAAccelerate Africa cohort502026-12-31
TEF2026Tony Elumelu Foundation1,0002026-12-31
ROSEMARYSingle-use promo102026-12-31

Billing (Stripe)

  • Consumer pay-per-document checkout (api/stripe-checkout.js, api/stripe-verify.js, api/stripe-webhook.js)
  • Subscription plans for the API: Starter $29, Growth $79, Scale $199 (api/v1/billing/checkout.js)
  • Insights add-on plans: Starter $49, Growth $99, Scale $249 — activated commercial feature
  • Stripe Customer Portal (api/v1/billing/portal.js), webhook handler (api/v1/billing/webhook.js)
  • Scope Guard Pro checkout (api/scope-guard-checkout.js) — activated commercial feature

MCP servers

Three first-party MCP servers live under mcp-servers/:

ServerPurpose
mcp-servers/legal-docsDocument drafting tools for AI agents (NDAs, contracts, invoices, change orders)
mcp-servers/insightsBusiness-intelligence / contract analytics tools
mcp-servers/scope-guardScope-creep detection and change-order generation

Each has its own package.json, server.json, and Dockerfile, and publishes independently to npm / the MCP registry / Smithery / Glama.

The site itself also exposes an HTTP MCP endpoint at api/mcp.js.

API authentication

Authenticated endpoints under /v1/* use two distinct credentials:

  1. Bearer API keys (Authorization: Bearer sk_live_...) — end-user keys validated against Upstash Redis via lib/api-auth.js. Used for document generation, extract, scope, vigil, contracts, insights, invoices.
  2. Admin/setup secret (EBENOVA_ADMIN_SECRET) — gates /v1/keys/create so only operators can provision new customer keys. ADMIN_API_TOKEN similarly gates /v1/admin/revenue. BYPASS_ADMIN_SECRET gates api/create-bypass.js. CRON_SECRET / POLL_CRON_SECRET authenticate Vercel cron invocations.

Rate limits and monthly document caps are enforced per key in Redis.

Note: there is no live /docs HTML endpoint today. Consume the OpenAPI spec directly via openapi.yaml.

Local development

Prerequisites

  • Node.js 20+ (ESM)
  • Upstash Redis database (free tier)
  • Anthropic API key
  • Stripe account (only needed to exercise paid flows)
  • Resend API key (optional, for email)

Setup

git clone <repo-url>
cd signova
npm install
cp .env.example .env
# edit .env with your keys

Scripts

npm run dev            # Vite dev server
npm run build          # Production build
npm run preview        # Preview built SPA
npm run lint           # ESLint
npm test               # Vitest
npm run test:coverage  # Vitest with coverage
npm run check:css      # Validate CSS design tokens
npm run keygen         # Generate API/admin secrets

Running the serverless api/ functions locally requires the Vercel CLI:

npm i -g vercel
vercel dev

Environment variables

See .env.example for the full template.

Required (core)

VariablePurpose
ANTHROPIC_API_KEYPrimary AI generation
UPSTASH_REDIS_REST_URLRedis REST URL
UPSTASH_REDIS_REST_TOKENRedis auth token
EBENOVA_ADMIN_SECRETProtects /v1/keys/create
PROMO_SECRETHMAC secret for signed promo tokens

Stripe (required for paid flows)

VariablePurpose
STRIPE_SECRET_KEYStripe API
STRIPE_WEBHOOK_SECRETWebhook signature verification
STRIPE_PRICE_STARTER / _GROWTH / _SCALEMain API plan price IDs
STRIPE_PRICE_INSIGHTS_STARTER / _GROWTH / _SCALEInsights add-on price IDs

Optional (email, alt-payments, misc)

VariablePurpose
RESEND_API_KEYTransactional email
ALERT_EMAILWhere insight alerts are sent (defaults to info@ebenova.net)
GROQ_API_KEYFast preview + draft generation
OXAPAY_MERCHANT_KEYCrypto checkout
PAYSTACK_SECRET_KEY / PAYSTACK_PUBLIC_KEYNGN card checkout
FLUTTERWAVE_SECRET_KEY / FLUTTERWAVE_PUBLIC_KEYAfrican card checkout
NEXT_PUBLIC_APP_URLMagic-link base URL (defaults to https://www.getsignova.com)
CORS_ALLOWED_ORIGINSComma-separated CORS allowlist
LOG_LEVELDEBUG / INFO / WARN / ERROR
NODE_ENVdevelopment / production

Admin, cron, integrations (optional)

VariablePurpose
ADMIN_API_TOKENGates /v1/admin/revenue
ADMIN_SECRETGates api/admin/index-doc.js
BYPASS_ADMIN_SECRETGates api/create-bypass.js
CRON_SECRETAuthenticates /api/cron/ots-upgrade
POLL_CRON_SECRETAuthenticates /v1/insights/poll
FIELDOPS_API_URL / FIELDOPS_INTERNAL_KEYFieldOps bookings bridge
VIGIL_API_URLVigil compliance backend

Deployment

The project is deployed on Vercel:

  • Project: signova
  • Owner: ebenovasolu-5755s-projects
  • Domains routed via vercel.json redirects: apex getsignova.comwww.getsignova.com, apex ebenova.devwww.ebenova.dev
  • Cron jobs configured in vercel.json
vercel          # preview deploy
vercel --prod   # production deploy

Configure environment variables in Vercel → Project Settings → Environment Variables (mirror the list above).

Testing

Current status — be honest about what ships vs. what is planned:

AreaStatus
lib/sanitize.jsDone
lib/parse-body.jsDone
lib/cors-middleware.jsDone
API endpoint integration testsPlanned
React component testsPlanned

Run with npm test (Vitest). npm run test:coverage emits a v8 coverage report.

Project structure

signova/
├── api/                   # Vercel serverless functions
│   ├── v1/                # Versioned API (auth, billing, documents, insights,
│   │                      #   vigil, scope, contracts, extract, invoices, keys, admin)
│   ├── admin/             # Admin-only operator endpoints
│   ├── cron/              # Scheduled tasks (ots-upgrade)
│   ├── generate.js        # Premium document generation (Claude)
│   ├── generate-preview.js# Free preview generation (Groq)
│   ├── promo-redeem.js    # Promo code redemption (10 codes)
│   ├── stripe-*.js        # Consumer Stripe flow
│   ├── paystack-*.js      # Paystack flow
│   ├── oxapay-*.js        # OxaPay crypto flow
│   ├── mcp.js             # HTTP MCP endpoint
│   └── ...
├── lib/                   # Shared server libraries (auth, CORS, Redis, validators,
│                          #   sanitize, parse-body, logger, analytics)
├── src/                   # React SPA (pages, components, lib, styles)
├── mcp-servers/
│   ├── legal-docs/        # Legal document MCP server (publishable)
│   ├── insights/          # Insights MCP server (publishable)
│   └── scope-guard/       # Scope-guard MCP server
├── tests/                 # Vitest test suite
├── scripts/               # Dev utilities (keygen, CSS token check, etc.)
├── openapi.yaml           # OpenAPI 3.1.0 specification
└── vercel.json            # Vercel routing, redirects, cron
  • ebenova-legal-docs-mcp — published distribution of the legal-docs MCP server (npm, MCP Registry, Smithery, Glama, MCPize)

License

© 2026 Ebenova Solutions. All rights reserved. Commercial product — unauthorized copying, distribution, or modification is prohibited. See LICENSE.

Support

Documents generated by Signova are for informational purposes only and do not constitute legal advice. Always consult a qualified attorney before relying on AI-generated legal documents.

Server Config

{
  "mcpServers": {
    "ebenova-scope-guard": {
      "command": "npx",
      "args": [
        "-y",
        "@ebenova/scope-guard-mcp"
      ],
      "env": {
        "EBENOVA_API_KEY": "<YOUR_API_KEY>"
      }
    }
  }
}
Recommend Servers
TraeBuild with Free GPT-4.1 & Claude 3.7. Fully MCP-Ready.
AiimagemultistyleA Model Context Protocol (MCP) server for image generation and manipulation using fal.ai's Stable Diffusion model.
CursorThe AI Code Editor
MiniMax MCPOfficial MiniMax Model Context Protocol (MCP) server that enables interaction with powerful Text to Speech, image generation and video generation APIs.
RedisA Model Context Protocol server that provides access to Redis databases. This server enables LLMs to interact with Redis key-value stores through a set of standardized tools.
Jina AI MCP ToolsA Model Context Protocol (MCP) server that integrates with Jina AI Search Foundation APIs.
Playwright McpPlaywright MCP server
Baidu Map百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。
Howtocook Mcp基于Anduin2017 / HowToCook (程序员在家做饭指南)的mcp server,帮你推荐菜谱、规划膳食,解决“今天吃什么“的世纪难题; Based on Anduin2017/HowToCook (Programmer's Guide to Cooking at Home), MCP Server helps you recommend recipes, plan meals, and solve the century old problem of "what to eat today"
ChatWiseThe second fastest AI chatbot™
Zhipu Web SearchZhipu Web Search MCP Server is a search engine specifically designed for large models. It integrates four search engines, allowing users to flexibly compare and switch between them. Building upon the web crawling and ranking capabilities of traditional search engines, it enhances intent recognition capabilities, returning results more suitable for large model processing (such as webpage titles, URLs, summaries, site names, site icons, etc.). This helps AI applications achieve "dynamic knowledge acquisition" and "precise scenario adaptation" capabilities.
Tavily Mcp
Y GuiA web-based graphical interface for AI chat interactions with support for multiple AI models and MCP (Model Context Protocol) servers.
WindsurfThe new purpose-built IDE to harness magic
DeepChatYour AI Partner on Desktop
Visual Studio Code - Open Source ("Code - OSS")Visual Studio Code
MCP AdvisorMCP Advisor & Installation - Use the right MCP server for your needs
Serper MCP ServerA Serper MCP Server
EdgeOne Pages MCPAn MCP service designed for deploying HTML content to EdgeOne Pages and obtaining an accessible public URL.
BlenderBlenderMCP connects Blender to Claude AI through the Model Context Protocol (MCP), allowing Claude to directly interact with and control Blender. This integration enables prompt assisted 3D modeling, scene creation, and manipulation.
Amap Maps高德地图官方 MCP Server