npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@pharaoh-so/mcp

v0.3.9

Published

MCP proxy for Pharaoh — maps codebases into queryable knowledge graphs for AI agents. Enables Claude Code in headless environments (VPS, SSH, CI) via device flow auth.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

0xuxdesign0xuxdesign

Keywords

mcpmodel-context-protocolpharaohcodebaseknowledge-graphcode-analysisarchitectureai-agentclaudeclaude-codedeveloper-toolsstatic-analysisdependency-graph

Readme

@pharaoh-so/mcp

npm version license node pharaoh MCP server

MCP proxy for Pharaoh — maps codebases into queryable knowledge graphs for AI agents.

Pharaoh gives AI coding assistants a complete architectural map of your codebase: every function, dependency, module, and connection. Instead of reading files one at a time, your AI agent queries the knowledge graph and gets instant answers about blast radius, unused code, dependency chains, and more.

This package enables Claude Code to connect to Pharaoh in headless environments (VPS, SSH, containers, CI) where a browser isn't available for OAuth. It acts as a stdio-to-SSE proxy, presenting itself as a local MCP server while relaying all communication to the remote Pharaoh server.

Quick Start

Step 1 — Authenticate

Run the proxy directly to trigger the device authorization flow:

npx @pharaoh-so/mcp

This displays a device code and a URL. Open the URL on any device (phone, laptop, tablet) and enter the code to authorize. Credentials are saved to ~/.pharaoh/credentials.json and remain valid for 7 days, with automatic re-authorization when they expire.

Step 2 — Add to Claude Code

npx @pharaoh-so/mcp

Verify the connection:

claude mcp list

You should see pharaoh listed as a stdio server.

Switching from SSE

If you previously added Pharaoh as an SSE server, remove it first:

claude mcp remove pharaoh
npx @pharaoh-so/mcp

How It Works

Claude Code ← stdio → @pharaoh-so/mcp ← SSE/HTTP → mcp.pharaoh.so

The proxy implements the Model Context Protocol (MCP) specification:

  1. Claude Code launches the proxy as a child process and communicates via stdio (stdin/stdout)
  2. The proxy authenticates with Pharaoh using stored credentials (or triggers device flow)
  3. All MCP messages (tool calls, responses, notifications) are relayed to the remote Pharaoh server over SSE (Server-Sent Events)
  4. Pharaoh queries the knowledge graph and returns architectural data to the proxy
  5. The proxy forwards responses back to Claude Code via stdio

Authentication uses RFC 8628 (OAuth 2.0 Device Authorization Grant) — no browser is needed on the machine running Claude Code.

Available Tools

Once connected, Pharaoh provides 19 MCP tools organized into four categories:

Orient (Free)

| Tool | What it answers | |------|----------------| | get_codebase_map | What modules exist and how do they relate? | | get_module_context | What does this module look like before I modify it? | | search_functions | Does this function already exist somewhere? | | get_design_system | What UI components and tokens already exist? |

Investigate (Free + Pro)

| Tool | What it answers | |------|----------------| | get_blast_radius | What breaks if I change this function/file/module? | | query_dependencies | How are these two modules connected? | | check_reachability | Is this function actually reachable from entry points? | | get_vision_docs | Is there a PRD or spec for this? |

Audit (Pro)

| Tool | What it answers | |------|----------------| | get_vision_gaps | What's specified but not built? What's built but not specified? | | get_cross_repo_audit | Are shared dependencies drifting between repos? | | get_consolidation_opportunities | Where is duplicate or overlapping logic? | | get_unused_code | What code is never called and safe to delete? | | get_test_coverage | Which modules/functions lack test coverage? | | get_regression_risk | How risky is this change to production? |

Manage (Free)

| Tool | What it answers | |------|----------------| | request_upload | Map a local repo without installing the GitHub App | | setup_environment | Install recommended development plugins | | pharaoh_account | Check plan, toggle PR Guard, trigger refresh | | pharaoh_feedback | Report false positives or tool issues | | pharaoh_admin | Org-level administration |

Inspect Mode

Use --inspect to dump the full tool manifest as JSON (useful for MCP registry validation and debugging):

npx @pharaoh-so/mcp --inspect

This outputs the complete list of tools with their schemas and exits immediately, without connecting to the server.

CLI Options

Usage: pharaoh-mcp [options]

Options:
  --server <url>   Pharaoh server URL (default: https://mcp.pharaoh.so)
  --logout         Clear stored credentials and exit
  --inspect        Output tool manifest as JSON and exit
  --help           Show help
  --version        Show version number

Configuration

Credentials

Credentials are stored at ~/.pharaoh/credentials.json with 0600 permissions (owner-read/write only). The file contains:

  • Access token — used to authenticate MCP requests
  • Refresh token — used to obtain new access tokens when they expire
  • Expiry timestamp — tokens are refreshed automatically before expiration

To clear credentials:

npx @pharaoh-so/mcp --logout

Custom Server

For self-hosted Pharaoh instances or development, register manually:

claude mcp add --scope user pharaoh -- npx @pharaoh-so/mcp --server https://your-pharaoh-instance.com

Environment Variables

| Variable | Default | Description | |----------|---------|-------------| | PHARAOH_SERVER_URL | https://mcp.pharaoh.so | Pharaoh server URL (alternative to --server) |

Requirements

  • Node.js >= 18
  • Claude Code or any MCP-compatible AI client
  • A Pharaoh account — sign up at pharaoh.so

Security

  • Credentials are stored with restrictive file permissions (0600 — owner-read/write only)
  • Authentication uses the RFC 8628 device authorization flow — no secrets are embedded in the package
  • All communication with the Pharaoh server uses HTTPS/TLS
  • No source code is ever transmitted — Pharaoh maps structural metadata (function names, file paths, dependency relationships) into a knowledge graph. Your code never leaves your machine.
  • Tokens expire after 7 days and are refreshed automatically
  • Only use trusted server URLs — the proxy sends your auth token to the configured server

Reporting Vulnerabilities

If you discover a security vulnerability, please report it responsibly by emailing [email protected]. Do not open a public issue.

Troubleshooting

"Connection refused" or "ECONNREFUSED"

The Pharaoh server may be temporarily unavailable. Check status.pharaoh.so or try again in a few minutes.

"Token expired" or "401 Unauthorized"

Re-authenticate by running the proxy directly:

npx @pharaoh-so/mcp

Or clear credentials and start fresh:

npx @pharaoh-so/mcp --logout
npx @pharaoh-so/mcp

"pharaoh" not showing in claude mcp list

Make sure you added it with the correct command:

npx @pharaoh-so/mcp

Note the -- separator between pharaoh and npx.

Device code not working

  • Ensure you're opening the URL on a device with browser access
  • The device code expires after 15 minutes — request a new one by re-running the command
  • Check that you're logged into GitHub when authorizing

Slow startup

The first run after installation may take a moment as npm downloads the package. Subsequent runs use the cached version. To pre-install globally:

npm install -g @pharaoh-so/mcp
claude mcp add --scope user pharaoh -- pharaoh-mcp

How Pharaoh Works

Pharaoh parses your repositories using tree-sitter and maps structural metadata into a Neo4j knowledge graph. The graph contains:

  • Functions — names, signatures, complexity scores, export visibility
  • Files — paths, module membership, language classification
  • Modules — logical groupings detected from directory structure
  • Dependencies — import/export relationships, call chains, module connections
  • Vision specs — PRD/spec documents linked to implementation

No source code is stored — only structural metadata. When an AI agent queries Pharaoh, it gets architectural facts in minimal tokens, not raw code dumps. This means your AI assistant can understand your entire codebase architecture without consuming its context window reading files one by one.

Supported Languages

  • TypeScript / JavaScript — full support (functions, classes, imports, exports, JSX)
  • Python — full support (functions, classes, imports, decorators)
  • More languages planned via tree-sitter grammar support

Contributing

Contributions are welcome. Please open an issue first to discuss what you'd like to change.

  1. Fork the repository
  2. Create your feature branch (git checkout -b feature/amazing-feature)
  3. Commit your changes (git commit -m 'Add amazing feature')
  4. Push to the branch (git push origin feature/amazing-feature)
  5. Open a Pull Request

License

MIT -- Pharaoh, Inc.

Links