TokRepo MCP Server

Tìm kiếm, duyệt và cài đặt hơn 500 tài sản AI (kỹ năng tác nhân, lời nhắc, cấu hình MCP, quy trình làm việc) từ bất kỳ máy khách MCP nào. Hỗ trợ Claude Code, Cursor, Codex CLI và Gemini CLI.

Tài liệu

TokRepo MCP Server

Agent-native MCP server for TokRepo: session bootstrap, capability discovery, search/detail, trust verification, install planning, Codex staging, lifecycle inspection/update/uninstall/rollback, handoff/harvest planning, and human-confirmed publishing of reusable AI assets.

npm License: MIT

Quick Start

Claude Code

claude mcp add tokrepo -- npx -y tokrepo-mcp-server

Cursor / Windsurf

Add to your MCP config (~/.cursor/mcp.json):

{
  "mcpServers": {
    "tokrepo": {
      "command": "npx",
      "args": ["-y", "tokrepo-mcp-server"]
    }
  }
}

OpenAI Codex / Gemini CLI

codex mcp add tokrepo -- npx -y tokrepo-mcp-server
gemini settings mcp add tokrepo -- npx -y tokrepo-mcp-server

What It Does

Once connected, your AI assistant can:

  • Discover during planning — turn a task or capability gap into structured candidate skills, prompts, MCP configs, scripts, and workflows
  • Resolve capability gaps — select a candidate with verification evidence, install plan, lifecycle contract, next MCP calls, and CLI fallbacks before local build
  • Search public AI assets by keyword or category with agent fit signals
  • Browse trending assets, filter by type (MCP, Skill, Prompt, Agent, Script)
  • Get details — full documentation, install instructions, and metadata
  • Verify trust — read-only content hash, install plan hash, permission envelope, policy, trust_score_v2, evidence_bundle, SBOM-lite, signature_evidence, blockers, and warnings
  • Plan before install — get install plan v2 with policy decisions, rollback, verification, evidence_bundle, SBOM-lite, and signature_evidence
  • Safe Codex install — dry-run by default; risky assets must be staged or explicitly approved
  • Lifecycle control — list, update, uninstall, and roll back managed Codex installs
  • Post-task harvest — inspect changed or explicit local files with tokrepo_harvest before any push, including private package drafts, quality_gate, package manifest, SBOM-lite, and provenance
  • Project memory — pair with tokrepo init-agent --target all so future agents know to call TokRepo during planning
  • Discovery surfaces — official MCP server.json, A2A agent card, portable agent manifest, tool catalog, .well-known, agents.txt, llms.txt, and npm metadata are kept machine-readable for agents and registries
  • Funnel visibility — anonymous aggregate events show whether agents actually discover, plan, install, hand off, and push reusable assets

Available Tools

ToolDescription
tokrepo_session_initSession bootstrap with high-trust assets, project memory pointer, recent handoffs, and policy pack URL
tokrepo_discoverPlanning-time capability discovery from a task, environment, and constraints
tokrepo_find_for_taskAtomic find action for a concrete task; returns ranked assets, match reasons, install command, and URL
tokrepo_resolve_capabilityResolve a capability gap into a selected asset, verification evidence, install plan, lifecycle contract, next MCP calls, and CLI fallbacks
tokrepo_searchSearch assets by keyword/tag with agent_fit ranking
tokrepo_detailGet full asset details by UUID
tokrepo_edgesInspect requires, extends, and co-used asset graph edges before planning installs
tokrepo_install_planGet agent-native install plan v2 with rollback, evidence_bundle, SBOM-lite, and signature_evidence
tokrepo_verifyVerify trust, hashes, permissions, policy, evidence_bundle, SBOM-lite, and signature_evidence before activation
tokrepo_codex_installDry-run, stage, or install a Codex skill safely
tokrepo_installedList TokRepo-managed Codex installs
tokrepo_updateDry-run or update managed Codex installs
tokrepo_uninstallDry-run or remove a managed Codex install
tokrepo_rollbackDry-run or roll back a prior Codex install session
tokrepo_handoff_planRead-only packaging plan with quality_gate and package manifest for reusable local work after a task
tokrepo_harvestRead-only package draft generator for reusable changed or explicit local files after a task
tokrepo_pushPush one explicit asset to TokRepo after user confirmation

Example Conversations

You: "Find me a good MCP server for databases"
AI: [calls tokrepo_resolve_capability] → Ranks DBHub, Supabase MCP, PostgreSQL MCP and returns verification/install-plan evidence for the selected candidate

You: "What video assets should I install?"
AI: [calls tokrepo_resolve_capability] → Finds relevant skills, checks fit, trust, and policy, then asks before installing

You: "Install that cursor rules asset"
AI: [calls tokrepo_verify] → Checks trust_score_v2, permissions, blockers, and warnings
AI: [calls tokrepo_install_plan] → Reviews policy and actions
AI: [calls tokrepo_codex_install with dry_run=false, confirm=true] → Writes only after explicit confirmation
AI: [calls tokrepo_rollback with dry_run=true] → Shows exactly what would be removed before rollback

You: "We created a reusable project rule; save it for future agents"
AI: [calls tokrepo_harvest] → Returns explicit files, hashes, quality_gate, package drafts, SBOM-lite, provenance, metadata defaults, and private-by-default push guidance
AI: [asks for confirmation before tokrepo_push] → Uploads only reviewed files

Make Future Agents Discover TokRepo

Run this once in a project:

npx tokrepo init-agent --target all

It writes managed instructions to AGENTS.md, CLAUDE.md, GEMINI.md, Cursor rules, GitHub Copilot instructions, Cline rules, Windsurf rules, Roo rules, OpenHands microagents, Aider conventions, .mcp.json, and .tokrepo/agent.json. The rule is simple: during planning, when the agent sees a capability gap, it should call tokrepo_resolve_capability or tokrepo_discover before inventing a one-off local tool. After a task, agents can call tokrepo_harvest or run tokrepo harvest --changed --json to suggest reusable files for user-confirmed private publishing.

Machine-Readable Listing

Registries and agents can discover this server through:

Use https://tokrepo.com/agent-ecosystem.json for agent marketplace submissions, starter templates, README snippets, install guides, and example projects. It contains canonical listing copy, ecosystem channels, target project-memory files, and verification commands.

TokRepo emits anonymous aggregate funnel events for tokrepo_resolve_capability, tokrepo_discover, tokrepo_verify, tokrepo_install_plan, install dry-runs, installs, harvests, handoffs, and pushes. It does not send task text or file contents. Disable with TOKREPO_TELEMETRY=0.

Why TokRepo?

TokRepo is the open registry for AI assets — like npm for packages, but for AI skills, prompts, MCP configs, and workflows.

  • Curated assets — quality-reviewed, not a dump
  • Agent-native — every asset has machine-readable install contracts
  • Universal — works with Claude Code, Cursor, Codex, Gemini CLI, and any MCP client
  • CLI availablenpx tokrepo search "query" / npx tokrepo install <uuid>

Requirements

  • Node.js >= 18
  • Internet connection (queries tokrepo.com API)

Links

License

MIT