Sergej Drus

Founder & CEO, Visaginas360

Visaginas, Lithuania
35 services • 2 cloud regions • running 24/7
Google Startups Applied Anthropic Partner MCP Protocol • 6 Connectors Live

Building a SaaS platform where AI agents manage themselves across cloud infrastructure via MCP protocol, self-heal for 30+ days, and deliver 3.3x faster results.

Live Metrics

35 Running Services
21 Parallel Agents
7,500+ Watchdog Cycles
30+ Days Autonomous

The Swarm

🔍 Researcher: Deep search
💻 Coder: Code + exec
✍️ Writer: Content
📊 Analyst: Data + exec
🧠 Thinker: Reasoning
🎨 Creator: Images
🌐 Web Search: Real-time
🛡️ Guardian: Safety

MCP Protocol — AI Controls Infrastructure

The breakthrough: Claude AI in the browser controls real cloud infrastructure through MCP (Model Context Protocol). No SSH. No dashboards. Just natural language to the AI, and it manages servers, deploys code, sends emails, scrapes the web, and orchestrates 21 Telegram bots.

"We didn't build an app powered by AI. We built AI that runs the infrastructure — and it hasn't needed a human in 30 days."

6 MCP connectors are live in production. The AI can manage services, read Gmail, deploy to cloud, scrape data, and communicate with users — all autonomously.

Cloud Control

40+ tools

Full VM management, service lifecycle, file operations

Gmail Integration

7 tools

Search, read, send emails — AI handles communication

Web Scraping

2 tools

Headless Chrome scraping for real-time data

BigQuery MCP

5 tools

SQL analytics on AI agent operational data

Firestore MCP

14 tools

Real-time document database for agent state

Windows MCP

12 tools

Desktop automation: click, type, screenshot, shell — full PC control

// MCP Protocol — How AI manages infrastructure

Claude (browser)  →  MCP Protocol  →  Cloud Infrastructure
                                              │
                         ┌────────────────────┼────────────────────┐
                         │                    │                    │
                    VM Region 1         VM Region 2         Google Cloud
                    23 services          12 services          BigQuery
                    Task API             Gmail MCP            Firestore
                    Swarm (21 bots)      Web Scraping         Vertex AI
                    Memory Graph         Telegram Bot
                    Self-healing         Cloud Control

// 7 MCP connectors • 80+ tools • 30+ days autonomous • Self-healing

Self-Healing Intelligence

Smart Routing: AI decides what deserves deep thought.
🛡️ Watchdog v3: 7,500+ cycles. Zero manual restarts.
💾 Distributed Memory: Cross-VM knowledge graph with sync.

// How the system handles every situation

Event arrives
        │
        ▼
Is this a known pattern?    → YES → instant response, no AI cost
        │ NO
        ▼
Can watchdog auto-fix?     → YES → restart service, log, continue
        │ NO
        ▼
Route to AI agent          → analyze, fix, cache for next time

// Most operations never reach the AI layer.
// Intelligence is reserved for tasks that actually need it.

Security — Hardened by Paranoia

On February 23, 2026, we ran a full penetration test against our own production infrastructure. Not a scan — a real attack simulation. We tested write exploits, agent injection, data exfiltration, and privilege escalation. We found 18 vulnerabilities. We fixed all 18 the same day.

“We don’t just build AI agents. We build AI agents that can’t be hijacked, can’t leak data, and can’t be turned against the customer.”

Security isn’t a feature we added later. It’s a 5-layer architecture baked into every service, every route, every file permission. Documented in a private audit repository with full remediation reports.

🔴 Vulnerabilities Found: 18 total (4 critical · 6 high · 5 med · 3 low)
Vulnerabilities Fixed: 18 of 18. Same day. Zero remaining.
🛡️ Defense Layers: 5 layers deep (Network → Proxy → Auth → Files → Isolation)

// 5-Layer Security Architecture

LAYER 1 — FIREWALL
Before audit:  22+ ports open to the internet
After audit:   3 ports only (SSH, HTTP redirect, HTTPS)
All services behind reverse proxy. Zero direct port access.

LAYER 2 — REVERSE PROXY (Caddy)
98 routes analyzed. 28 dangerous routes deleted
35 public routes (static sites only)
35 internal routes: IP whitelist + bearer token + query key
Single point of control. One config = one security boundary.

LAYER 3 — APPLICATION AUTH
Admin endpoints: require_admin() decorator on every handler
Customer data: auth-gated, no anonymous access
Agent registration: validated, no injection possible
// We tested: injected fake agent into production swarm
// Result: caught and blocked. Injected data cleaned.

LAYER 4 — FILE SYSTEM
112 systemd service files: chmod 600 (owner-only)
10 API keys: consolidated into single encrypted vault
OAuth tokens: restricted permissions, no world-readable files
// Before: API keys in plaintext .service files
// After: EnvironmentFile= pointing to chmod 600 secrets

LAYER 5 — CUSTOMER ISOLATION
Every customer gets their own VM (not shared containers)
No cross-customer data access. No shared databases.
Customer VMs have zero access to internal infrastructure.

// Full audit: private repo with remediation docs
// SECURITY.md + FIREWALL.md + HOW_TO_WORK_SECURED.md
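
Layer 4's before/after, as an added example that is not Visaginas360's own code: a Python audit that flags systemd unit files readable beyond their owner, secret-looking variables set inline with Environment=, and EnvironmentFile= targets that are missing or not mode 600. The name pattern, file names and sample values are constructed assumptions.

```python
import os
import re
import shlex
import tempfile
from pathlib import Path

# Heuristic for credential-like variable names (an assumption of this example).
SECRET_NAME = re.compile(r"KEY|TOKEN|SECRET|PASSWORD", re.I)

def mode_of(path):
    return os.stat(path).st_mode & 0o777

def audit_unit(unit):
    """Return findings for one systemd unit file (a pathlib.Path)."""
    findings = []
    if mode_of(unit) & 0o077:  # any group/other permission bit set
        findings.append(f"{unit.name}: mode {mode_of(unit):o}, expected 600")
    for line in map(str.strip, unit.read_text().splitlines()):
        if line.startswith("Environment="):
            # One directive may carry several, optionally quoted, NAME=value pairs.
            for pair in shlex.split(line[len("Environment="):]):
                name = pair.split("=", 1)[0]
                if SECRET_NAME.search(name):
                    findings.append(f"{unit.name}: inline secret {name}")
        elif line.startswith("EnvironmentFile="):
            # A leading '-' tells systemd to tolerate a missing file.
            target = Path(line[len("EnvironmentFile="):].lstrip("-"))
            if not target.exists():
                findings.append(f"{unit.name}: missing {target}")
            elif mode_of(target) & 0o077:
                findings.append(f"{unit.name}: {target.name} mode {mode_of(target):o}")
    return findings

def write(path, text, mode):
    path.write_text(text)
    os.chmod(path, mode)
    return path

def demo():
    """Audit two constructed units: inline key (before) vs EnvironmentFile= (after)."""
    with tempfile.TemporaryDirectory() as d:
        env = write(Path(d, "agent.env"), "API_KEY=constructed-sample\n", 0o600)
        before = write(Path(d, "before.service"),
                       "[Service]\nEnvironment=API_KEY=constructed-sample PORT=8080\n", 0o644)
        after = write(Path(d, "after.service"), f"[Service]\nEnvironmentFile={env}\n", 0o600)
        return {u.name: audit_unit(u) for u in (before, after)}

if __name__ == "__main__":
    print(demo())
```

Pointing audit_unit at each file under a unit directory gives a per-cycle check that the chmod 600 and EnvironmentFile= state has not drifted.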

Pentest Findings

4 critical vulnerabilities

Customer PII exposed, agent injection possible, admin API on open port, API keys in readable files

Remediation

All fixed same day

IP whitelist on 35 routes, firewall to 3 ports, secrets encrypted, 28 routes removed

Ongoing

Continuous monitoring

Watchdog checks security posture every cycle. Cross-VM trust verified. New service checklist enforced.

What We Build

Architecture

// A2A Agent SaaS — Multi-Region Swarm Architecture

ORCHESTRATOR // Claude MCP + Google A2A Protocol
Task → Decompose → Parallel Execute → QA Gate → Synthesize
├── 🔍 Researcher       // deep search + citations
├── 💻 Coder             // code generation + sandbox
├── ✍️  Writer            // content + formatting
├── 📊 Analyst           // data + execution
├── 🧠 Thinker           // complex reasoning
├── 🎨 Creator           // image generation
├── 🌐 Web Search        // real-time data
└── 🛡️  Guardian          // safety filter

INFRASTRUCTURE
├── Region 1            // 23 services, primary swarm
├── Region 2            // 12 services, MCP bridge, scraping
├── Google Cloud MCP    // BigQuery, Firestore, Vertex AI
├── Windows PC          // Claude Code + 18 plugins + desktop automation
└── Customer Sandboxes  // isolated containers per customer

INTEGRATIONS
├── MCP Protocol        // 7 connectors, 80+ tools
├── Google Workspace    // Docs, Sheets, Slides, Gmail
├── Distributed Memory  // cross-region knowledge sync
├── Self-Healing        // 7,500+ watchdog cycles
└── Telegram Bots       // 21 coordinated bots

Journey Highlights

Mar 2026

🔗 Claude-to-Claude Chain: 3-Layer AI Pipeline

Discovered that Claude Opus (cloud) can call Claude Code (local PC) through Windows MCP. A single natural language command triggers a chain: Opus → MCP → PowerShell → Claude Code → web search → result back. Two autonomous AIs communicating through standard protocols. Claude Code has access to 18 plugins (GitHub, Firebase, Figma, Vercel), Docker, FFmpeg, Google Colab — all invokable from one message. This is A2A in action.

Mar 2026

🖥️ Windows MCP — Full Desktop Automation

Integrated CursorTouch Windows-MCP (1M+ users). 12 tools: Click, Type, Scroll, Move, Shortcut, Snapshot, App launch, Shell, Scrape, MultiSelect, MultiEdit, Wait. Cloud AI can now control the Windows desktop — open apps, read system specs, execute commands. Combined with Claude Code's 15 sub-agents and extended thinking mode.

Mar 2026

🔌 MCP Protocol — 7 Live Connectors

AI controls cloud infrastructure from the browser. Gmail, BigQuery, Firestore, Vertex AI Search, Windows MCP — all connected. Google Managed MCP servers integrated. 80+ tools available to the AI orchestrator.

Feb 2026

🔐 Full Penetration Test — 18/18 Fixed

Ran offensive security audit against own production. Found 18 vulnerabilities (4 critical): customer PII exposure, agent injection, open admin ports, plaintext API keys. Built 5-layer defense: firewall (3 ports only), Caddy IP whitelist on 35 routes, auth decorators, file permissions hardening (112 files), customer VM isolation. All fixed same day.

Feb 2026

🛡️ 30+ Days Autonomous Operation

Infrastructure runs without human intervention. Watchdog v3 completed 7,500+ monitoring cycles. Zero unplanned downtime.

Feb 2026

🤖 Claude-to-Claude Communication

AI in the browser delegates tasks to AI on the server via MCP. Autonomous execution, task queues, cross-instance memory sharing.

Jan 2026

🧠 Distributed Memory Swarm

Knowledge graph deployed across regions with cross-VM sync. Agents remember context permanently across sessions.

Jan 2026

⚡ 21-Agent Parallel Swarm

Full agent swarm deployed. 3.3x parallel speedup achieved using PARL methodology. 21 coordinated Telegram bots.

Dec 2025

📊 Google Workspace Integration

Docs, Sheets, Slides, Gmail, Calendar — all via OAuth. Agents create real artifacts in Google Workspace.

What I Learned

// 90+ days of building. Claude is my CTO.

1. Coordination beats raw power.
   21 specialized agents in parallel > 1 premium model serial.

2. Self-healing is non-negotiable.
   7,500 watchdog cycles. Zero manual restarts in 30+ days.

3. MCP protocol changes everything.
   AI managing infrastructure from a browser tab.
   No SSH, no dashboards. Natural language only.

4. Memory makes agents a team.
   Agents without memory = colleagues with amnesia.
   Agents with distributed memory = a growing organization.

5. Ship daily, reflect weekly.
   90+ features shipped. Not all perfect, but all shipped.

6. The best AI knows when NOT to think.
   Speed comes from restraint, not raw compute.
   Intelligence reserved for tasks that actually need it.

7. Chain AIs, don't replace them.
   Opus reasons. Code executes. MCP bridges.
   Each AI does what it's best at.

// "The best way to predict the future is to build it."

Get In Touch

Let's Connect

Interested in the platform, AI agent collaboration, or investment? Reach out.

Open to collaboration, investment, and partnership conversations.