{"id":"apify-mcp-cli","name":"mcp-cli","homepage":"https://npmjs.com/package/@apify/mcpc","repo_url":"https://github.com/apify/mcp-cli","category":"devtools","subcategories":[],"tags":["mcp","cli","ai-agents","automation","oauth","keychain","json","typescript"],"what_it_does":"mcpc (@apify/mcpc) is a universal CLI client for the Model Context Protocol (MCP) that exposes MCP server operations as intuitive shell commands, supports persistent sessions via a bridge process, and provides OAuth 2.1 (PKCE) and secure credential storage (OS keychain / fallback file). It can also output consistent JSON for scripting and includes a proxy mode for authenticated session access from AI “code mode” environments, with experimental x402 support for agentic payments.","use_cases":["Inspecting MCP servers and listing tools/resources/prompts","Calling MCP tools from interactive shells or scripts","Integrating MCP into AI coding workflows via deterministic JSON output (code mode)","Maintaining stateful MCP sessions efficiently across repeated commands","Securely authenticating to OAuth-enabled MCP servers with PKCE and token refresh","Searching (grep) tools/resources/prompts across sessions for dynamic tool discovery"],"not_for":["A general-purpose REST/GraphQL API wrapper for MCP outside CLI usage","Use as a standalone LLM/agent runtime (it explicitly “doesn’t use LLMs on its own”)","Environments that cannot support any form of secure credential storage (keychain or the documented file fallback)"],"best_when":"You need a CLI-first way to connect to MCP servers (stdio or streamable HTTP), maintain persistent sessions, and automate tool calls with machine-readable JSON and secure OAuth/Bearer auth handling.","avoid_when":"You require a stable, documented REST/OpenAPI/SDK interface for MCP operations or strict guarantees about rate-limit behavior without server-specific context.","alternatives":["Using MCP client libraries directly in your application (e.g., @modelcontextprotocol/sdk)","Writing a thin wrapper around MCP stdio/HTTP transport protocols","Using an MCP proxy specific to your hosting environment (rather than a universal CLI)"],"af_score":60.5,"security_score":69.5,"reliability_score":38.8,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:28:20.395852+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":true,"sdk_languages":["TypeScript"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Anonymous access (no credentials) for compatible servers","Bearer token authentication via --header (Authorization: Bearer ...)","OAuth 2.1 with PKCE (via login command, browser-based initiation)"],"oauth":true,"scopes":false,"notes":"OAuth 2.1 + PKCE is documented as including discovery steps and automatic token refresh; Bearer tokens are stored securely for the session but not as reusable OAuth profiles. The README describes OS keychain storage with a fallback file store on headless environments."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing details in the provided content; x402 support is marked experimental as an agentic payments feature, not a pricing model for mcpc itself."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":60.5,"security_score":69.5,"reliability_score":38.8,"mcp_server_quality":80.0,"documentation_accuracy":78.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":65.0,"rate_limit_clarity":10.0,"tls_enforcement":80.0,"auth_strength":85.0,"scope_granularity":35.0,"dependency_hygiene":55.0,"secret_handling":85.0,"security_notes":"README describes OAuth 2.1 with PKCE, secure credential storage using OS keychain with a documented fallback to a file store (mode 0600) for headless environments. It also supports Bearer tokens via --header stored securely in the OS keychain for the session. Rate limiting and transport-layer details beyond HTTPS defaults are not clearly specified in the provided excerpt.","uptime_documented":0.0,"version_stability":50.0,"breaking_changes_history":30.0,"error_recovery":75.0,"idempotency_support":"false","idempotency_notes":"CLI commands are generally stateless per call but actions like tool calls may not be idempotent by protocol; the README emphasizes session lifecycle and error recovery but does not clearly mark specific MCP operations as idempotent.","pagination_style":"none","retry_guidance_documented":true,"known_agent_gotchas":["Key-value argument parsing uses := without spaces; spaces around := will break argument parsing.","JSON mode ( --json ) emits only JSON for most commands; it is not available for shell/login/help.","OAuth requires user-initiated login (browser open); mcpc won’t open the browser automatically.","Persistent sessions can become unauthorized/expired/crashed; agents should follow the documented recovery steps (login + restart/close as appropriate)."]}}