Roadmap
Not a commitment; a sketch of where the platform is heading. Re-read git log for what's actually shipping.
In near-term plans
Third-party agents
Today every agent is first-party (skipConsent: true, manual admin onboarding). The path to opening it:
- Self-service agent creation flow (with email verification).
- Per-agent consent screen on
/consent. - Scope audit + manual review queue.
- Revenue share + payouts via Stripe Connect.
Customer Portal
Self-service subscription management (upgrade, downgrade, change payment method, view invoices) via Stripe Billing Portal. Currently users go through marketplace UI which calls POST /me/subscriptions/:agentId/cancel.
Public OpenAPI spec endpoint
Today the spec is consumed via repo files. Publish https://api.fleapo.ai/openapi.json so external integrators can curl it.
Notify-the-waitlist button
Admin UI button that emails everyone on agent_waitlist when an agent flips to active. Today it's a manual SQL export.
Background reconciliation jobs
- Nightly: reconcile Stripe subscriptions vs local DB (catch missed webhooks).
- Hourly: GC unreferenced uploaded files.
- Daily: roll up
agent_metrics_dailyfrom raw event data.
Real distributed tracing
Replace the requestId UUID with OpenTelemetry traces. Propagate traceparent to agents. Sample at 1–10% in prod.
Maybe / requested
Trust signals
agent.trustSignals[] is in the schema and frontend type but underused. A future flow could let admins attach badges ("SOC 2", "Verified", "Built by Fleapo"), each surfaced on the detail page.
Cohort analytics
Per-agent retention, conversion, ARPU. The data is in interactions + user_agent_subscriptions + usage_ledger but no canned dashboards.
Webhook-out for agents
Marketplace → agent backend webhooks for subscription.activated, subscription.canceled, etc. Today agents poll. Webhook would close the loop faster and enable proactive provisioning.
This is a big architectural shift: it makes the marketplace a producer of events. Will need queue + retry + signature scheme.
Per-org subscriptions
Today subscriptions are (userId, agentId). Adding (orgId, agentId) would let an org admin pay once and grant access to all members. Requires schema change and OAuth scope updates.
Real user-deletion endpoint
GDPR / DPDP-compliant self-service deletion. Today: manual SQL.
Out of scope (explicit non-goals)
- Agent runtime — the marketplace will never execute agent logic. Always separate.
- Generic "data marketplace" — agents stay focused on AI service listings.
- White-label — the marketplace UI brand is fixed.
How to influence
Open an RFC in the appropriate repo's GitHub issues with:
- Problem statement.
- Proposed shape (schema / endpoints / UX).
- Alternatives considered.
- Migration risk.
Discuss before coding. Avoid the trap of merging a 3000-line PR that decides architecture.