MBC creator here. Released the initial version last week, now v0.2.0 with security hardening: safe JSON serialization (no PHP unserialize), private broadcast channels with auth, sensitive data filtered from API responses, Sanctum auth + rate limiting on all endpoints, and fail-fast API key validation.
Tested in production with a 5-agent pipeline building CRM modules: Architect → Backend → Frontend → Security Auditor → DevOps Integrator. A complete Contacts module (models, migrations, services, controllers, Vue pages, OWASP audit) in ~3 minutes for $0.41.
The interesting part: the security agent found real vulnerabilities in code the other agents generated — SQL injection via DB::raw(), mass assignment with $request->all(), unsanitized v-html. Agents auditing agents.
MBC (Model Backend Controller) flips the MCP pattern: instead of AI calling your backend, your backend orchestrates AI agents as autonomous workers with tools.
Tested in production with a 5-agent pipeline building CRM modules: Architect → Backend → Frontend → Security Auditor → DevOps Integrator. A complete Contacts module (models, migrations, services, controllers, Vue pages, OWASP audit) in ~3 minutes for $0.41.
The interesting part: the security agent found real vulnerabilities in code the other agents generated — SQL injection via DB::raw(), mass assignment with $request->all(), unsanitized v-html. Agents auditing agents.
Demo (34s): https://youtu.be/A_GiAqIWJxE
Install: composer require undergrace/laravel-mbc
reply