npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@foxframe/production-suite-mcp

v0.1.0

Published

MCP server giving AI clients (Claude Desktop, Claude Code, Cursor, Windsurf) full read/write access to Production Suite — projects, budgets, schedules, scripts, tasks, deliverables, and resources.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

thomwmillthomwmill

Keywords

mcpmodel-context-protocolclaudevideo-productionsupabaseproduction-suite

Readme

Production Suite MCP Server

An MCP server that gives AI clients (Claude Desktop, Claude Code, Cursor, Windsurf, and any other MCP-speaking client) full read/write access to your Production Suite workspace — projects, budgets, schedules, scripts, deliverables, tasks, invoices, and resources.

The server is a thin layer over the Production Suite Supabase database and respects the same account-based row-level-security policies as the web app. Your AI sees what you'd see if you signed in.

What it does

| Module | Tools | |--------|-------| | Projects | list_projects, get_project, create_project, update_project, wrap_project, delete_project | | Budget | get_budget, add_budget_row, update_budget_row, delete_budget_row, get_budget_breakdown | | Schedule | list_shoot_days, get_shoot_day, add_shoot_day, update_shoot_day, delete_shoot_day, add_block, delete_block, add_shot, update_shot, mark_shot_complete, move_shot, delete_shot | | Scripts | list_scripts, get_script, create_script, update_script, add_script_line, delete_script | | Deliverables | list_deliverables, update_deliverable_status | | Tasks | list_tasks, add_task, update_task, delete_task | | Resources | list_resources, get_resource, search_resources, create_resource, update_resource, delete_resource, get_account_info | | Summaries | get_project_summary, get_portfolio_summary, get_overdue_items |

Examples of things you can ask any MCP-connected AI to do:

  • "List my active projects and tell me which has the largest budget."
  • "Add a shoot day to the Acme spot for May 12th, call time 7am, label 'Day 1 — Studio.'"
  • "For each of my projects, find any tasks past their due date and summarize them."
  • "Add a DP line to the production budget at $1,200/day for 2 days, with travel."
  • "Mark all shots in block X as complete."
  • "Create a new client called 'Big Idea Agency' and link them to the new project."
  • "What's overdue across my whole portfolio?"

Install

Option A — One-click .mcpb (Claude Desktop, recommended for end users)

Open the Production Suite web app → click Connect AI in the sidebar footer → click Download production-suite.mcpb. Double-click the downloaded file. Claude Desktop opens an install dialog with SUPABASE_URL and SUPABASE_ANON_KEY pre-filled — just enter your email + password and click Install. No DevTools, no JSON editing, no Node install needed (Claude Desktop ships its own Node).

The bundle is generated by npm run mcp:pack (which runs as part of npm run build and is shipped at /production-suite.mcpb from each Vercel deploy). Locally:

npm run mcp:pack
# → mcp-server/production-suite.mcpb (4.0 MB)
# → public/production-suite.mcpb  (mirror for Vite to serve)

The pack script reads VITE_SUPABASE_URL + VITE_SUPABASE_ANON_KEY from .env (or .env.local, or process.env) and bakes them into the manifest defaults so users don't have to type them. The committed manifest.template.json only contains placeholders; the generated manifest.json is gitignored.

Option B — From this repo (development)

cd mcp-server
npm install
npm run build

The compiled entry point ends up at mcp-server/dist/index.js. Configure your AI client to invoke node /absolute/path/to/mcp-server/dist/index.js.

Option B — Via npm (when published)

# No install needed — npx fetches and runs it
npx -y @foxframe/production-suite-mcp

Configure your AI client with command: "npx", args: ["-y", "@foxframe/production-suite-mcp"].

Authentication

The server supports three auth methods, in priority order. Pick one.

Method 1 — Refresh token (recommended for Google OAuth users)

Best for users who sign in to Production Suite with Google. The token is long-lived and the server auto-refreshes it.

  1. Open the Production Suite web app and sign in.
  2. Open browser DevTools → ApplicationLocal Storage → your app origin.
  3. Find the key starting with sb- and ending in -auth-token. The value is JSON.
  4. Copy the refresh_token field's value.
  5. Set in your config: SUPABASE_REFRESH_TOKEN=<that-value>.

The refresh token rotates over time but the server handles renewal automatically. If it expires (~30 days idle by default), you'll re-extract it.

Method 2 — Email + password

If you signed up with email/password (or set one via password reset):

[email protected]
SUPABASE_USER_PASSWORD=<your-password>

Method 3 — Service role key (admin override)

Use only on a machine you control. This key bypasses RLS and grants full database access.

SUPABASE_SERVICE_ROLE_KEY=<your-service-role-key>

You can find this in the Supabase dashboard → Project settingsAPIservice_role.

Connecting AI clients

All examples below use the Method 1 (refresh token) flow with the dev Supabase instance. Replace SUPABASE_URL and SUPABASE_ANON_KEY with values from .env.example or your Supabase dashboard.

Claude Desktop

Edit ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows):

{
  "mcpServers": {
    "production-suite": {
      "command": "node",
      "args": ["/absolute/path/to/Video-Production-Tool/mcp-server/dist/index.js"],
      "env": {
        "SUPABASE_URL": "https://wymetihxrvtgrukunngh.supabase.co",
        "SUPABASE_ANON_KEY": "<your-anon-key>",
        "SUPABASE_REFRESH_TOKEN": "<your-refresh-token>"
      }
    }
  }
}

Restart Claude Desktop. The server appears under the 🔌 plug icon — tools become available in any chat.

Claude Code

Add to .claude/mcp.json (project-scoped) or ~/.claude/mcp.json (global):

{
  "mcpServers": {
    "production-suite": {
      "command": "node",
      "args": ["/absolute/path/to/Video-Production-Tool/mcp-server/dist/index.js"],
      "env": {
        "SUPABASE_URL": "https://wymetihxrvtgrukunngh.supabase.co",
        "SUPABASE_ANON_KEY": "<your-anon-key>",
        "SUPABASE_REFRESH_TOKEN": "<your-refresh-token>"
      }
    }
  }
}

Or via CLI:

claude mcp add production-suite -- node /absolute/path/to/Video-Production-Tool/mcp-server/dist/index.js

Cursor / Windsurf

Edit the MCP config (Cursor: ~/.cursor/mcp.json, Windsurf: ~/.codeium/windsurf/mcp_config.json):

{
  "mcpServers": {
    "production-suite": {
      "command": "node",
      "args": ["/absolute/path/to/Video-Production-Tool/mcp-server/dist/index.js"],
      "env": {
        "SUPABASE_URL": "https://wymetihxrvtgrukunngh.supabase.co",
        "SUPABASE_ANON_KEY": "<your-anon-key>",
        "SUPABASE_REFRESH_TOKEN": "<your-refresh-token>"
      }
    }
  }
}

ChatGPT (Custom GPT) — partial

ChatGPT supports MCP via the agent builder in some tiers, but coverage is uneven. For now, ChatGPT users should:

  1. Use the Custom GPT route — exposes Production Suite over HTTPS as an action (HTTP/SSE variant of this server is on the roadmap).
  2. Or use a third-party MCP-to-OpenAPI bridge.

ChatGPT-native support will be added once the HTTP/SSE transport is live.

Permissions

The server inherits whatever permissions your authenticated identity has in Production Suite:

  • Account owners — full read/write on everything in their account.
  • Editors — read/write per their project_scope (all or assigned).
  • Service role — bypasses RLS entirely. Don't share this key.

When the AI tries an action it doesn't have permission for, Supabase returns an RLS error and the tool surfaces it as a normal MCP tool error.

Local development

# In one terminal — TypeScript watcher
npm run dev

# In another — set env vars and run
SUPABASE_URL=... SUPABASE_ANON_KEY=... SUPABASE_REFRESH_TOKEN=... npm start

The server logs to stderr (stdout is reserved for MCP protocol traffic). Look for:

[production-suite-mcp] Connected via stdio (auth mode: refresh-token, user: <uuid>, account: <uuid>)

Manually testing tools without an AI client is awkward (the protocol is JSON-RPC over stdio), but you can use @modelcontextprotocol/inspector:

npx @modelcontextprotocol/inspector node dist/index.js

This opens a web UI at http://localhost:5173 where you can list tools, inspect schemas, and invoke them with custom inputs.

Troubleshooting

"SUPABASE_URL is required" — env vars aren't reaching the server. Check the env block in your AI client config; environment variables from your shell are usually NOT inherited.

"Failed to authenticate via refresh token" — token has expired. Re-extract from the web app (DevTools → Local Storage → sb-...-auth-tokenrefresh_token).

"row-level security policy" errors — your authenticated identity doesn't have access to that resource. Check membership and project assignments in the Production Suite web app.

Tools don't appear in Claude Desktop — restart Claude Desktop after editing claude_desktop_config.json. Check the 🔌 icon for connection state and any error messages.

npx complains about a missing binary — the package isn't published yet. Use Option A (build from this repo) or npm link it locally.

Architecture notes

  • Stdio transport only for v0.1. HTTP/SSE transport (for hosted clients like claude.ai and ChatGPT Custom GPT) is on the roadmap.
  • Project content (budget, schedule, scripts, tasks, deliverables, invoices) lives in the projects.data JSONB blob — tools fetch the project, mutate the relevant nested field, and write the whole blob back.
  • Resources (people, organizations, locations, equipment, etc.) live in dedicated tables — tools are thin wrappers around from(...).select/insert/update/delete.
  • Auth uses the Supabase JS SDK's session model; refresh tokens are auto-rotated.
  • The web app is untouched. This server reads and writes the same Supabase schema; nothing in src/ or supabase/ was modified.

License

MIT.