npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@elvenvtt/mcp-account

v0.7.2

Published

MCP stdio server exposing Elven creator account management to AI agents (Claude Code, Cursor, etc.).

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

aoatkinsonaoatkinson

Keywords

elvenmcpmodel-context-protocolai-agentsclaudecreator-economy

Readme

@elvenvtt/mcp-account

MCP server exposing Elven creator account management to AI agents (Claude Code, Cursor, Claude Desktop, hosted Claude, and anything else that speaks the Model Context Protocol).

The agent-facing companion to @elvenvtt/cli. Same auth, same verbs, different surface: tools instead of commands.

Full docs: docs.elvenvtt.com/docs/agent-platform/mcp-setup

Two transports — pick the one that fits your agent host:

Transport 1: stdio (Claude Code / Cursor / Claude Desktop)

For local agents that can spawn subprocesses.

npm install -g @elvenvtt/mcp-account

Add to your agent's MCP config (e.g. .mcp.json in your project root, or Claude Desktop's claude_desktop_config.json):

{
  "mcpServers": {
    "elven-account": {
      "command": "elven-mcp-account"
    }
  }
}

Transport 2: HTTP (cloud agents, web Claude, hosted Cursor, CI)

For agents that can't spawn subprocesses. Streamable HTTP, JSON-RPC over POST. No install needed — point your MCP client at the hosted endpoint.

{
  "mcpServers": {
    "elven-account": {
      "type": "http",
      "url": "https://mcp.elvenvtt.com/mcp",
      "headers": { "Authorization": "Bearer el_pat_..." }
    }
  }
}

Every request is stateless and re-verifies the token — no sessions, no cookies. The HTTP transport intentionally omits publish.companion (it reads .elven.json from a local project dir, which doesn't exist over HTTP); use the stdio transport or elven publish from a terminal when you need that flow.

Auth (stdio transport)

You must have either:

  • Logged in via the CLI firstnpx @elvenvtt/cli login. The stdio server reads the cached session from your OS keyring (or ~/.elven/credentials on Unix).
  • OR set ELVEN_TOKEN to a PAT (el_pat_…) — best for CI / headless / cloud-hosted agents:
{
  "mcpServers": {
    "elven-account": {
      "command": "elven-mcp-account",
      "env": { "ELVEN_TOKEN": "el_pat_..." }
    }
  }
}

Auth (HTTP transport)

Pass a PAT via the Authorization header per the config above. JWTs also work but PATs are recommended for non-interactive agents.

Get a token

Tools

24 tools total. Descriptions in the actual tool registration include usage hints for the agent (when to prefer one tool over another, which ones are destructive).

Identity

| Tool | Purpose | |---|---| | whoami | Identify the authed account. Call FIRST to confirm identity. |

Listings

| Tool | Purpose | |---|---| | listing.list | Browse public listings. | | listing.mine | Your own listings including drafts. | | listing.show | Full detail for one listing id. | | listing.create | Create a new listing (raw — usually prefer publish.companion). | | listing.update | Patch listing fields. | | listing.delete | DESTRUCTIVE — permanent. |

Publish

| Tool | Purpose | |---|---| | publish.companion | Build + upload + sync — the "one command from edit to live" flow. | | publish.uploadFile | LOW-LEVEL single-file upload. |

Posts

| Tool | Purpose | |---|---| | post.new | Create a post (draft by default; publishing fires a follower fanout). | | post.list | List a user's posts (yours includes drafts). | | post.show | Full content of one post. | | post.update | Patch fields. | | post.delete | DESTRUCTIVE. |

Drops

| Tool | Purpose | |---|---| | drop.create | Create a time-windowed drop. | | drop.list | List a user's drops. | | drop.show | Drop + your claim/eligibility state. | | drop.update | Patch fields. | | drop.delete | DESTRUCTIVE. |

Followers

| Tool | Purpose | |---|---| | followers.count | Public follower count for any user. | | followers.following | Who the authed user follows. |

Analytics

| Tool | Purpose | |---|---| | analytics.overview | Followers + subscribers + drops + recent activity (one round-trip). | | analytics.sales | Sales totals, top listings, recent purchases. |

Tokens

| Tool | Purpose | |---|---| | tokens.list | List your PATs (no plaintext). Create/revoke are intentionally NOT exposed via MCP — those go through the CLI or Studio. |

Design

  • Pure-function handlers (input, ctx) → output. Adding an HTTP transport later is wrapping these.
  • Token priority: ELVEN_TOKEN env > CLI cached creds > clear error to stderr + exit 1.
  • Same backend as the CLI — all calls go through @elvenvtt/api. If something works in elven, it works here.
  • Destructive tools are flagged in their descriptions — agents are expected to confirm with the user before calling them.

Security

The Authorization header is the credential. Treat it like a password — ELVEN_TOKEN env var instead of inline in MCP config, gitignore your .mcp.json if you ever inline the literal value, audit + revoke unused tokens from Studio Developer → CLI Tokens. Full guidance at docs.elvenvtt.com/docs/agent-platform/security.

License

MIT.