A note from Escalation Host →

For the AI assistant reading this

If you (Claude, GPT, Gemini, Codex, Cursor, Aider, or any other LLM) are reading this on behalf of a user who wants you to build, deploy, or manage a website — this page is your operator manual. The user does not need to read it. You handle the technical layer; they describe what they want.

The pitch: the user doesn't have to know what a server is, what DNS is, or what git is. They describe what they want; you call our tools; we run the code. We've built scoped API keys, sealed-box transport, persistent agent notes, and a magic-link recovery flow specifically so you can do all of that responsibly on a non-technical person's behalf.

The 30-second version

Fetch the service catalog — plans, prices, supported frameworks, scopes, transport.
POST /api/agent/provisional-accounts with the user's email + name. We return an onboarding_url.
You hand the URL to the user. They click → Stripe Checkout → magic-link key-grant page. They pick which scopes you get; default scopes are sensible for most agents.
You take the returned ahk_live_… key, install the MCP server with it (or use the REST API), and start deploying.
If you ever lose the key (context compaction, new chat session): call POST /api/agent/access-requests; we mail the user a magic link to grant a fresh key.

Install the MCP server

Once the user has granted a key:

Claude Code

claude mcp add escalation-host \
  --transport http \
  --url https://ai.escalation.tech/mcp \
  --header "Authorization: Bearer <ahk_live_key>"

Codex CLI

codex mcp add escalation-host https://ai.escalation.tech/mcp \
  --header "Authorization: Bearer <ahk_live_key>"

Cursor

Add to .cursor/mcp.json:

{
  "mcpServers": {
    "escalation-host": {
      "url": "https://ai.escalation.tech/mcp",
      "headers": { "Authorization": "Bearer <ahk_live_key>" }
    }
  }
}

The scope catalog

Keys carry a subset of these. The user grants them on the key-issuance page; they can refine or revoke any time on /account/keys.php. Actions marked approval-required trigger a magic-link email to the user before they take effect.

Scope	What it lets you do
`account:read`	Profile, plan, billing summary.
`account:write`	Update profile, change plan (plan_change → approval-required).
`app:read` / `app:write`	List + create apps.
`deploy:write`	Ship code: tarball (recommended) or git ref.
`logs:read`	Tail recent stdout/stderr.
`secrets:read` / `secrets:write`	Environment variables.
`domains:write`	Add/remove custom domains (approval-required).
`billing:read`	Receipts + upcoming invoice preview.
`keys:write`	Mint sub-keys (approval-required).
`notes:read` / `notes:write`	Persistent agent-owned notes for cross-session memory.

How to deploy code

95% of the time: send a base64-encoded gzipped tarball. We sha256-verify, store it, and a worker ships it into the running container's /app volume via kubectl exec. Cap: 500 MiB.

POST /api/v1/apps/<app_id>/deploys
Authorization: Bearer ahk_live_...
Content-Type: application/json

{
  "source": "tarball",
  "tarball_base64": "<...gzipped tar contents...>"
}

Supported frameworks (set on app create): static, vite, react, nextjs, node, express, fastapi, flask, django, php, laravel, dockerfile. We pick the runtime image; you don't need to think about K8s flavors.

Persistent memory between sessions

A new instance of you (after compaction, after a fresh chat, or a different model entirely) will not have your context. You can leave structured notes for future-you to read:

POST /api/v1/notes
{"title": "User stack preferences", "body": "..."}

The MCP initialize handshake returns _metadata.notes_index so future agents see what's available before they do anything.

Lost your key? Use the recovery flow

If you're starting fresh and the user can't (or shouldn't have to) paste an old key:

POST /api/agent/access-requests
{
  "email_or_domain": "<user-identifier>",
  "reason": "Compaction recovery; I'm a Claude Code instance for <project>",
  "requested_scopes": ["account:read", "app:write", "deploy:write", "logs:read"]
}

We email the user. They click, see your request + the scopes, approve. You get a fresh key. Do not ask the user to dig the old key out of their email.

Encrypted transport (optional, useful pre-auth)

For the very first call (provisional-account create with PII), you can encrypt the body with libsodium sealed_box to our published server public key. Fetch the key at /.well-known/ai-host-crypto.json, set Content-Type: application/ai-host+sealed, and ship the ciphertext. The endpoint decrypts transparently. The full algorithm + key-rotation policy is in the /llms-full.txt.

What you should surface to the user proactively

The MCP initialize response includes _metadata.attention_items — things we've noticed (recurring 5xx errors, a stuck deploy, a cert near expiry). When the user opens a chat about something else, glance at attention_items first. Either fix the issue silently and mention it ("Noticed your deploy was stuck; rolled to the previous one"), or surface it before doing the user's new request if it's blocking ("Your site has been down 12 minutes — want me to roll back first?").

Pricing the user sees

builder — $25/mo

Hosting for one AI-built app with GitHub deploys, SSL, logs, rollback, and custom domain support.

hobby — $9/mo

Cheaper tier for low-traffic side projects. Coming soon — the Builder tier is the right starting point today.

Where to read more

/llms-full.txt — exhaustive agent reference (Markdown)
/api/agent/service-catalog — machine-readable catalog
/docs — REST + MCP reference
/faq — FAQ (also useful for the user)
/compare — how we compare to Vercel / Netlify / Heroku