Skip to main content
← /writing
  • #productivity
  • #open-source
  • #engineering

From Procrastination to Privacy-First Productivity (Part 2)

After building two open-source task managers to battle procrastination, I took it further — secure cloud sync, end-to-end encryption, and now an MCP server that connects your tasks to AI.

Vinny Carpenter3 min read565 words

A while back, I wrote about my long-running battle with procrastination and my endless quest for the perfect productivity app. After testing nearly every tool under the sun, I did what any reasonable engineer would do - I built my own.

That’s how Cascade and GSD Task Manager were born: two open-source, privacy-first task managers that run entirely in your browser. No accounts, no tracking, no data harvesting. Your tasks never leave your device: they’re stored locally using your browser’s IndexedDB. Lightweight, fast, and private by design.

But of course, no good side project stays simple for long. One of the most popular feature requests was syncing across devices. So, I built an optional, secure-by-design cloud sync powered by Cloudflare Workers. It stays true to the original principles - privacy, simplicity, and transparency.

Under the hood, GSD Task Manager uses OAuth 2.0 with OpenID Connect (OIDC) for authentication and PKCE (Proof Key for Code Exchange) to protect the authorization flow. Everything runs on a zero-trust architecture, with user data encrypted using passphrase-derived keys — meaning you hold the keys, not me.

TL;DR (for non-tech folks):
Your data stays private and secure. You can sync your tasks safely between devices without giving up control of your information.

And because I can’t stop tinkering, the next most-requested feature was support for an MCP Server — the Model Context Protocol that lets AI tools like ChatGPT or Claude securely connect to external data sources. Folks wanted to query their tasks and metadata through AI tools for deeper insights, analysis, and automation.

So, I built that too.
GSD Task Manager now ships with an MCP Server, letting your tasks talk to your favorite AI assistant.


🧠 Acronym Decoder for the Rest of Us

Let’s be honest — tech folks love acronyms. Here’s a quick cheat sheet so you don’t need a decoder ring:

  • OAuth 2.0 – A fancy way of saying “log in safely without giving away your password.” Think of it as a secure valet key for your data.
  • OIDC (OpenID Connect) – The protocol that remembers who you are, not just that you got in. It’s OAuth’s responsible older sibling.
  • PKCE (Proof Key for Code Exchange) – A security handshake that prevents sneaky hackers from stealing your login ticket mid-air.
  • MCP (Model Context Protocol) – A universal translator that lets AI models talk to apps and data sources. It’s like giving ChatGPT a passport and a map.
  • IndexedDB – Your browser’s secret storage closet. That’s where your tasks quietly live when no one’s looking.

So, if all those acronyms started sounding like a new boy band, don’t worry — they just keep your data safe, synced, and private.


How to Use the MCP Server

# What Users Need to Do

1. Install MCP Server:
   npm install -g gsd-mcp-server

2. Configure your AI tool of choice:

   Add the following configuration:
   {
     "mcpServers": {
       "gsd-taskmanager": {
         "command": "npx",
         "args": ["-y", "@gsd/mcp-server"],
         "env": {
           "GSD_API_BASE_URL": "https://gsd.vinny.dev",
           "GSD_AUTH_TOKEN": "your-jwt-token",
           "GSD_ENCRYPTION_PASSPHRASE": "your-passphrase"
         }
       }
     }
   }

3. Restart your AI app of choice and test

If you want to kick the tires, the repo’s open and waiting for you. I’d love your feedback and ideas on what to build next.

👉 Read the original story and get the links

Shared on LinkedIn

// found this useful? share it

Post on X Share to LinkedIn
Vinny Carpenter

Written by Vinny Carpenter

VP Engineering · 30+ years building software

I lead engineering teams building cloud-native platforms at a Fortune 100 company. I write about engineering leadership, AI-assisted development, platform strategy, and the hard lessons that come from shipping at scale.

keep reading