CanopyKids — Children's AI Safety & Compliance (MCP)

A hosted MCP server that screens prompts against children's-AI safety and compliance law before they reach the model. Point any MCP client at the /mcp URL, call a tool, and get back a verdict: pass · block · modified · flag. Billed pay-per-event — one charge per tool request.

CanopyKids sits between a child and the foundation model (Claude, GPT, Gemini). Every prompt is evaluated against an 8-jurisdiction policy graph and, for minor users, rewritten through an age-appropriate developmental scaffold — so the runtime doesn't just block harm, it redirects kids toward developmentally sound thinking.

---

Connect in 30 seconds

This Actor runs in Standby mode — it's a always-on server, not a one-shot run. Start it, grab the endpoint, and connect your MCP client.

1. Click Start (or call the Standby URL directly — it boots on first request).
2. Copy the endpoint from the run's Output tab (mcpEndpoint), or build it: https://<your-username>--canopykids-apify.apify.actor/mcp/ (note the trailing slash — /mcp 307-redirects to it).
3. Add it to your MCP client.

Claude Desktop / Cursor (mcp.json):

{
  "mcpServers": {
    "canopykids": {
      "url": "https://<your-username>--canopykids-apify.apify.actor/mcp/",
      "headers": { "Authorization": "Bearer <YOUR_APIFY_TOKEN>" }
    }
  }
}

Vercel (AI SDK / app backend): call inspect_prompt before you forward the user's message to the model. Works in any Node/Edge route handler.

// app/api/guard/route.ts
import { Client } from "@modelcontextprotocol/sdk/client/index.js";
import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";

const client = new Client({ name: "my-vercel-app", version: "1.0.0" });
await client.connect(
  new StreamableHTTPClientTransport(
    new URL("https://<your-username>--canopykids-apify.apify.actor/mcp/"),
    { requestInit: { headers: { Authorization: `Bearer ${process.env.APIFY_TOKEN}` } } },
  ),
);

const result = await client.callTool({
  name: "inspect_prompt",
  arguments: { prompt, session_id, organization_id: "your-org", platform: "openai" },
});
const verdict = JSON.parse(result.content[0].text); // { verdict: "pass" | "block" | "modified" | "flag", ... }
if (verdict.verdict === "block") return Response.json({ message: verdict.message_to_user }, { status: 200 });

Listing on the Vercel Marketplace? Builders add the integration via the integrations block in vercel.json; the endpoint and APIFY_TOKEN are injected as env vars.

Lovable (project manifest): drop a .lovable/canopykids.json at the project root so the MCP is registered for every deployed build. When the runtime detects a minor user, mandate-on-detect enforcement kicks in automatically.

{
  "canopykids": {
    "version": "v2.0",
    "project_id": "proj-001",
    "enforcement_mode": "scaffold",
    "api_url": "https://<your-username>--canopykids-apify.apify.actor/mcp/",
    "suggested_by_default": true
  }
}

This is exactly what LovableConnector.manifest(project_id) emits (point api_url at your Apify endpoint instead of the default https://api.canopykids.ai/mcp).

Your Lovable backend (Supabase edge function, etc.) then calls inspect_prompt using the same MCP client shown in the Vercel snippet above. See docs/MCP_CONNECTORS.md for Replit, Bolt, v0, and the enforcement-mode reference.

Health check: GET <endpoint-host>/health returns 200 when the policy rule graph is loaded and fresh.

---

Pricing

Pay-per-event — $0.10 per tool request. One charge per handled tool call, regardless of verdict. pass and block cost the same, so blocking is never the cheaper path. No subscription, no per-seat fee.

---

Tools

Tool	Purpose
inspect_prompt (primary)	Screen a prompt against the policy graph. Returns a verdict (pass / block / modified / flag), triggered rules, and any injections.
canopykids_ask_better_questions	Full pipeline: detect minor → apply developmental scaffold → queue parent digest. Returns rewritten system + user prompt and a user-facing message.
canopykids_scaffold	Apply the age-tiered developmental scaffold to a child's prompt (Socratic / productive-struggle / anti-offloading).
canopykids_detect_minor	Detect whether a session involves a minor. Returns is_minor, confidence, mandate_required, age_tier_hint.
get_policy_summary	Return the active compliance policy profile for this session.
get_session_stats	Return message / flag / block counts and duration for a session.

inspect_prompt parameters

Parameter	Type	Required	Description
prompt	string	✅	The user's message
session_id	string	✅	Unique session identifier
organization_id	string	✅	Your organization ID
platform	enum	✅	claude, openai, gemini, copilot, other
user_age	integer	—	User's age (defaults to profile max)
user_jurisdiction	string	—	e.g. US-CA, EU, AU

---

Verdict model

Every inspect_prompt call returns one of four verdicts:

Verdict	Action	Meaning
pass	FORWARD	Safe — forward to the AI model (may include disclosure injections).
block	DO_NOT_FORWARD	Blocked under policy — returns a child-safe message and the triggered rule(s).
modified	FORWARD_MODIFIED	Rewritten into a developmentally appropriate prompt before forwarding.
flag	FORWARD	Forwarded, but a crisis/safety injection is added and the event is flagged.

{
  "verdict": "block",
  "action": "DO_NOT_FORWARD",
  "message_to_user": "I can't help with that. Let's talk about something else!",
  "blocked_reason": "Content blocked under SB-243 (US-CA).",
  "triggered_rules": [{ "id": "CA-SB243-002", "law": "SB-243", "jurisdiction": "US-CA" }],
  "latency_ms": 18.4
}

---

Configuration

All input fields are optional and map to environment variables. Leave everything blank to run with the bundled default K-12 policy profile.

Field	Maps to	Description
CanopyKids API key	CANOPYKIDS_API_KEY	(secret) Fetches your org's policy profile + rule-graph updates.
Organization ID	CANOPYKIDS_ORG_ID	Your CanopyKids org ID.
Policy profile ID	CANOPYKIDS_PROFILE_ID	Which policy profile to load (default: default).
Canonical API base URL	CANOPYKIDS_BASE_URL	Default https://api.canopykids.ai.
Database URL	DATABASE_URL	(secret) Postgres for audit/trace persistence; falls back to ephemeral SQLite.
Store raw prompt content	STORE_RAW_CONTENT	Keep false — never persist raw child prompts, only hash traces.
Max rule-graph age (sec)	RULE_GRAPH_MAX_AGE_SEC	/health reports unhealthy if the graph is older than this (default 86400).

---

Privacy

Built for resale into multi-tenant, kid-touching apps:

• No raw prompts stored by default — only SHA-256 hash traces in the audit log.
• Parent digests summarize behavior, never quote the child.
• Verdicts are computed locally against the policy graph; charging never gates or alters the safety decision.

---

Learn more

• docs/PRODUCT_OVERVIEW.md — full product overview, pipeline, and science backbone
• docs/ARCHITECTURE.md — how the parts fit together
• docs/SCAFFOLD.md — developmental scaffold templates
• docs/APIFY_DEPLOY.md — deploying this Actor