npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@optimalai/optibot-mcp

v1.3.1

Published

MCP server for AI code reviews powered by Optibot

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

syedahmedzsyedahmedzedmon_optimal_aiedmon_optimal_ai

Keywords

mcpmodel-context-protocolaicode-reviewoptibotpull-requestpr-reviewautomated-reviewcode-qualityclaudecursordeveloper-toolsjavascripttypescript

Readme

Optibot MCP Server — AI Code Reviews for Any Editor

MIT License npm CI

An MCP server that brings Optibot AI-powered code reviews to Claude Desktop, Cursor, Windsurf, Claude Code, and any MCP-compatible client.

Review local changes, compare branches, and get actionable feedback — all from your AI assistant.

What is MCP? The Model Context Protocol is an open standard that lets AI assistants use external tools and data sources. Once you add this server, your assistant can run Optibot reviews on your behalf — just ask in natural language.

What It Does

  • Review your code — say "review my changes" and get an AI code review instantly
  • Compare branches — "review my branch against main" triggers a full branch diff review
  • Review patch files — point it at any .patch or .diff file
  • Run AI security scans — trigger token-metered scans on any repo in your org and get the full markdown report back
  • Manage organizations — switch the active org for multi-org accounts
  • Manage API keys — create, list, and delete keys for CI/CD automation
  • Detect merge conflicts — warns you about conflicts before you review

Install

npm install -g @optimalai/optibot-mcp

Setup

Claude Desktop

Add to your Claude Desktop configuration:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "optibot": {
      "command": "npx",
      "args": ["-y", "@optimalai/optibot-mcp"],
      "env": {
        "OPTIBOT_API_KEY": "optk_your_key_here"
      }
    }
  }
}

Cursor

Add to your Cursor MCP configuration:

  • Global (all projects): ~/.cursor/mcp.json
  • Project-level: .cursor/mcp.json in your project root
{
  "mcpServers": {
    "optibot": {
      "command": "npx",
      "args": ["-y", "@optimalai/optibot-mcp"],
      "env": {
        "OPTIBOT_API_KEY": "optk_your_key_here"
      }
    }
  }
}

Windsurf

Add to your Windsurf MCP configuration (~/.codeium/windsurf/mcp_config.json):

{
  "mcpServers": {
    "optibot": {
      "command": "npx",
      "args": ["-y", "@optimalai/optibot-mcp"],
      "env": {
        "OPTIBOT_API_KEY": "optk_your_key_here"
      }
    }
  }
}

Claude Code

claude mcp add optibot -e OPTIBOT_API_KEY=optk_your_key_here -- npx -y @optimalai/optibot-mcp

The -e flag stores the API key in the MCP server config so it is always available when Claude Code spawns the server, regardless of your shell environment.

Authentication

Option 1: API Key (Recommended for MCP)

Set the OPTIBOT_API_KEY environment variable in your MCP client configuration. You can generate a key from the Optibot dashboard or using the CLI:

npx @optimalai/optibot apikey create my-mcp-key

Option 2: Browser Login

Use the login tool to authenticate via browser. This saves credentials to ~/.optibot/config.json (90-day token).

Usage

Once configured, just ask your AI assistant naturally:

| What you say | What happens | |---|---| | "review my changes" | Reviews uncommitted local changes | | "review my branch against main" | Compares current branch against main | | "review this diff file" | Reviews an arbitrary patch file | | "what's my Optibot status?" | Shows auth method, profile, active org, and daily quota | | "which Optibot organizations do I have?" | Lists all orgs (active marked with *) | | "switch Optibot to the Acme org" | Rescopes your token to that org | | "run a security scan on org/repo-a" | Triggers an AI security scan and returns the full report | | "show me recent security scans" | Lists recent scans with cost and severity | | "how much have we spent on scans this month?" | Shows current-month token usage and cost | | "create an API key for CI" | Creates and displays a new API key | | "list my API keys" | Lists all API keys with metadata |

Available Tools

Review

| Tool | Description | |------|-------------| | review_local_changes | Review uncommitted local changes (git diff HEAD) | | review_branch | Review changes against a target branch (auto-detects or specify) | | review_diff_file | Review an arbitrary diff/patch file |

Auth & status

| Tool | Description | |------|-------------| | login | Authenticate via browser OAuth (handles onboarding redirects; refuses inside CI environments) | | logout | Remove saved credentials | | check_auth | Check current authentication status | | get_status | Full status: auth method, active org, daily quota |

Organizations

| Tool | Description | |------|-------------| | list_organizations | List all organizations you belong to | | get_current_organization | Show the active organization (read from the JWT claim) | | switch_organization | Rescope your token to a different org (by id or name) |

CI/CD setup

| Tool | Description | |------|-------------| | setup_ci | Recommended onboarding for CI/CD — mints a long-lived API key bound to the active organization and returns the export line ready to paste into the user's CI secret store. Refuses inside CI environments. |

API keys

| Tool | Description | |------|-------------| | create_api_key | Create a new API key (lower-level primitive; prefer setup_ci for CI onboarding) | | list_api_keys | List all API keys | | delete_api_key | Delete an API key by ID |

⚠️ Heads up: create_api_key and setup_ci return the full secret in the tool output — by design, since you have to copy it. That output then lives in your AI host's conversation transcript (Claude Desktop, Cursor, etc.), which may be persisted, synced, or backed up. Copy the key into your CI secret store, then delete the conversation or rotate the key with delete_api_key if you don't want it lingering in transcript history.

Security scans

| Tool | Description | |------|-------------| | trigger_security_scan | Start an AI security scan on a repo; blocks until complete (configurable timeout) | | list_security_scans | Paginated list of recent scans (optionally filtered by repo) | | get_security_scan | Full markdown report + metadata for a specific scan id | | get_security_usage | Current-month token usage and cost | | get_security_pricing | Per-tier pricing and markup multiplier | | list_scannable_repos | Repositories available to scan in the active org | | get_security_config | Scheduled-scan configuration | | update_security_config | Update the scheduled-scan configuration (partial merge) |

Real-Time Progress

During reviews and security scans, the MCP server connects to the Optibot backend via WebSocket and emits real-time progress notifications using MCP logging messages. Your MCP client will receive updates as the operation progresses.

Reviews:

  1. started — Review request accepted
  2. analyzing_patch — Parsing and analyzing the diff
  3. tool_call — Running analysis tools (with tool name and query details)
  4. generating_review — Generating the final review
  5. completed — Review finished

Security scans:

  1. started — Scan request accepted
  2. cloning_repository — Fetching the repository
  3. scanning_code — Running security analysis
  4. tool_call — Individual analyzer tool invocations
  5. budget_update — Running token + cost ticker
  6. generating_report — Producing the final markdown report
  7. completed / failed — Final status

CI/CD Integration

For automated reviews in CI/CD pipelines (GitHub Actions, GitLab CI, etc.), use the Optibot CLI instead. The CLI is purpose-built for non-interactive environments and runs as a standard command-line tool.

The MCP server is designed to run inside AI assistants (Claude Desktop, Cursor, etc.) — it speaks the MCP stdio protocol and is not intended to be invoked directly in a pipeline.

To use in CI:

  1. Generate an API key from the Optibot dashboard or with create_api_key tool
  2. Add OPTIBOT_API_KEY as a repository secret
  3. Use the CLI in your pipeline:
# GitHub Actions
- name: Install Optibot CLI
  run: npm install -g @optimalai/optibot
- name: Run code review
  env:
    OPTIBOT_API_KEY: ${{ secrets.OPTIBOT_API_KEY }}
  run: optibot review --branch origin/${{ github.base_ref }}

See the Optibot CLI README for full CI/CD setup instructions including GitLab CI.

Environment Variables

| Variable | Description | |----------|-------------| | OPTIBOT_API_KEY | Your API token (required for automated use) | | OPTIBOT_API_URL | Custom backend URL (must use https://, defaults to https://agents.getoptimal.ai) |

Requirements

  • Node.js >= 22
  • Git (for review tools)

Contributing

Contributions are welcome! See CONTRIBUTING.md for guidelines.

Links

License

MIT — see LICENSE for details. Copyright (c) 2026 Optimal AI, Inc.