npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@reclaimprotocol/agent

v0.1.11

Published

Reclaim Protocol's tools for agents — Reclaim Protocol lets your app verify **data points** about its users — a follower count, an account balance, an order history. This package gives your AI coding agent the tools to **find, build, test and fix the _dat

Downloads

2,090

Readme

@reclaimprotocol/agent

Reclaim Protocol lets your app verify data points about its users — a follower count, an account balance, an order history. This package gives your AI coding agent the tools to find, build, test and fix the data verification providers (the recipes that verify a data point) by inspecting and replaying captured requests, checking sessions, evaluate proofs, publishing updates, and much more.

Under the hood it's Chrome-CDP + zkTLS provider-authoring tooling: it captures network traffic from a browser, synthesizes provider definitions from it (contains matchers + jsonPath / xPath / regex redactions), runs a local replay diagnostic, and produces a verified attestor proof via @reclaimprotocol/attestor-core.

This package is the Reclaim MCP server (bin: reclaim-mcp-server). It depends on @reclaimprotocol/client for the typed HTTP client and registers the provider-authoring tools below alongside the backend-facing tools (credentials, publishing) in a single MCP surface. A standalone entry (src/index.ts) re-exports the client SDK plus buildAgentTools for embedding.

Install

Prerequisites: Node ≥ 20works best on a current LTS release (22 or 24) — and a local Chrome / Chromium / Edge (used for capture and the dashboard login). The first time you call run_proof, the agent downloads the ZK circuit files it needs (~280 MB) — so allow a moment for that first proof. The download is deferred to first proof on purpose (not an install step), so the MCP server itself starts immediately.

Any Node ≥ 20 works, including non-LTS lines like 25 however an LTS line (22 or 24) is recommended.

It runs as a stdio MCP server. Point any MCP-capable agent at this command:

npx -y --package=@reclaimprotocol/agent reclaim-mcp-server

The --package= (short form -p) flag selects the reclaim-mcp-server binary from the package. We use the long --package= form throughout because the short -p collides with the -p/--print flag of some agent CLIs (notably claude mcp add), which silently swallows the command. Prefer a global install? Run npm i -g @reclaimprotocol/agent and use reclaim-mcp-server directly as the command (drop the npx wrapper and its args).

Installing into your coding agent

Copy-paste setup for Claude Code (plugin marketplace), Claude Desktop, Cursor, opencode, Codex, Windsurf, VS Code, Cline and other MCP clients lives in the public reclaimprotocol/developer-tools repo — that's where the Claude Code plugin/marketplace is published.

The quickest path, in Claude Code:

/plugin marketplace add reclaimprotocol/developer-tools
/plugin install reclaim@reclaim

For any other client, point it at the stdio command above (npx -y --package=@reclaimprotocol/agent reclaim-mcp-server) — see the developer-tools README for per-client config and the Claude Desktop / GUI-app notes.

Optional environment

Defaults target the production old-devtools backend, so no env is needed for the common case. To override, add an env block (or environment in opencode) to the config above:

"env": {
  "USE_OLD_DEVTOOLS": "true",
  "RECLAIM_OLD_API_URL": "https://devapi.reclaimprotocol.org"
}

See Backends for builder mode (USE_OLD_DEVTOOLS=false) and the full env-var list.

Provider-authoring guide

The MCP server is all you need — it ships a how_it_works tool that returns the full capture → prove → publish guide (login detection, choosing auth-bound endpoints, OPRF decisions, troubleshooting). Any MCP client can call it on demand; there's nothing extra to install.

Using it from your agent

Tip: have your agent call the how_it_works tool first so it follows the full authoring flow.

Then just ask in plain language, e.g.:

"Use Reclaim to create a provider that proves my GitHub follower count."

or you can even ask it like:

"I want to verify Github follow count"

The agent orchestrates the tools for you:

  1. reclaim_authenticate — a Chrome window opens the Reclaim dashboard; you sign in. The token is captured automatically and the tab closes. (Or it reuses a still-valid cached identity.)
  2. attach_chrome + navigate — opens the target site (e.g. github.com); wait_for_page waits while you log in there.
  3. start_capturefind_requests_containingget_request — records network traffic and locates the request carrying your value.
  4. propose_provider — drafts the provider (a contains match + jsonPath/xPath/regex redaction), keeping any secret headers server-side.
  5. replay_requestrun_proof — pre-flights the draft, then produces a verified zkTLS proof via the attestor.
  6. create_provider_version_from_capture — publishes it. get_me_providers lists what you own; pass a returned providerId back to publish a new version of an existing provider.

Your only manual steps are signing in when the browser windows open and confirming the value you want to prove.

How it works (guide tool)

The full, mode-aware authoring guide (skill/SKILL.builder.md / skill/SKILL.old.md, one per backend) is served on demand by the how_it_works MCP tool — call it from any MCP client (Claude Code, Cursor, opencode, Antigravity, …) to get the deep capture → prove → publish workflow, decision frameworks, and troubleshooting. The server's always-on instructions cover the essentials; how_it_works is the in-depth version, with nothing to install.

Provider-authoring tools

These capture/synthesis/proof tools are backend-independent and registered in both modes (see Backends):

| Tool | Purpose | | ------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | | attach_chrome | Connect to Chrome via CDP — dedicated profile or attach to running instance | | list_tabs | List open Chrome tabs | | navigate, wait_for_page, eval_in_page | Drive the tab; poll for login completion | | start_capture, stop_capture | Network capture lifecycle | | list_requests, get_request | Inspect captured traffic | | find_requests_containing | Deterministic search for a target value across captured responses | | analyze_request_constraints | Flag concerns (signed, csrf, graphql, etc.) | | propose_provider | Synthesize a provider — contains match + jsonPath/xPath/regex redaction | | replay_request | Pre-flight replay via Node fetch (no attestor); also used for auth-bound check by omitting secretParamsRef | | run_proof | End-to-end zkTLS proof through the attestor SDK | | create_provider_version_from_capture | Publish a drafted provider to the backend | | get_session, reset_session | Session state |

Backends

The MCP server targets one of two backends, selected by USE_OLD_DEVTOOLS:

  • Old devtools (default). The legacy devtools backend is still in production while the new "builder" backend is built, so this is the default — opt into builder with USE_OLD_DEVTOOLS=false. In old mode all auto-generated HTTP-API tools are disabled and a small client (src/old/) serves:
    • reclaim_authenticate — by default opens the dashboard in Chrome via CDP, waits for sign-in, reads the Firebase token from page storage, and closes the tab (or pass a token / ethAddress to skip the browser).
    • create_provider_version_from_capture — registers a new provider, or adds a version to an existing one when given a providerId.
    • get_me_providers — list the providers you own (the only provider-listing tool in this mode).
  • Builder (USE_OLD_DEVTOOLS=false). Registers the auto-generated HTTP-API tools plus the authentication/credential tools (authenticate device-pairing login, issue_credentials / import_credentials to set up the local eth proof-owner key, resolve_owner_key) and a verification-result helper (get_verification_result).

Relevant env vars: RECLAIM_OLD_API_URL (default https://devapi.reclaimprotocol.org), RECLAIM_OLD_API_TOKEN / RECLAIM_OLD_ETH_UID (headless identity), RECLAIM_OLD_LOGIN_URL (default https://dev.reclaimprotocol.org); builder mode uses RECLAIM_API_URL / RECLAIM_API_TOKEN.

Local development (from source)

For working on the package inside the monorepo (consumers should use Install instead). A workspace install just fetches dependencies:

npm install

The ZK circuit resources needed by @reclaimprotocol/attestor-core are not fetched at install time — run_proof downloads them on the first proof (see the first-run note). To pre-fetch them instead of paying the cost on that first proof, run:

npm run download:zk-files --workspace=packages/agent

Platform notes

  • Node >=20 is required to run the published package (declared in engines) — it ships compiled lib/*.js, so no TypeScript type-stripping is needed at runtime. Any line ≥ 20 works, including non-LTS like 25: the one native addon that used to break this, re2, is an optional dependency as of @reclaimprotocol/attestor-core 5.0.8 and degrades to native RegExp when its binary is absent. (The other native dep, koffi, is N-API — ABI-independent, all-platform prebuilts — so it was never version-sensitive.) An LTS line (22/24) is recommended so re2 is present for faster, ReDoS-safe matching. Working on the package from a checkout additionally needs Node >=22.18, because the test suite and dev workflow run bare .ts files directly and unflagged TypeScript type-stripping landed in 22.18.
  • Chrome 136+ silently disables --remote-debugging-port when launched against the default user profile. dedicated mode (the default) sidesteps this by always passing --user-data-dir=~/.reclaim/chrome-profile.

Tests

npm test runs the unit + integration suite (no Chrome needed).

The Chrome CDP end-to-end test at tests/e2e-chrome.test.ts is gated behind an env var. It launches headless Chrome with a dedicated temp profile, captures a navigation against a local fixture server, and asserts the synthesiser finds the right request. To run it:

# bash / macOS / Linux
RECLAIM_AGENT_E2E=1 npm test --workspace=packages/agent

# Windows PowerShell
$env:RECLAIM_AGENT_E2E=1; npm test --workspace=packages/agent

Requires Chrome / Chromium / Edge installed somewhere findChromeBinary can locate (or RECLAIM_AGENT_CHROME_PATH set). The test self-skips if no binary is found.

Disabling

The MCP server registers the provider-authoring (Chrome/CDP) tools by default in both modes. To disable them (e.g. in hosted deployments where no local Chrome is available):

RECLAIM_AGENT_DISABLED=1

For contributors — wiring a local build into Claude Code / opencode

This section is for working on this package from a checkout. Consumers should use the published package via Install instead.

First build so lib/mcp-bin.js exists, then point your agent at that file by absolute path (not npx):

npm install                              # once, from the repo root
npm run build --workspace=packages/agent # rebuild after changes (or `npm run dev` to watch)

MCP server

Claude Code — register the local binary:

# from the repo root; -s user for a global install (omit for project scope → .mcp.json)
claude mcp add reclaim -- node "$(pwd)/packages/agent/lib/mcp-bin.js"

…or add it to .mcp.json yourself, using an absolute path:

{
  "mcpServers": {
    "reclaim": {
      "command": "node",
      "args": ["/abs/path/to/builder/packages/agent/lib/mcp-bin.js"]
    }
  }
}

opencode — add to opencode.json (project) or ~/.config/opencode/opencode.json (global), again with an absolute path:

{
  "$schema": "https://opencode.ai/config.json",
  "mcp": {
    "reclaim": {
      "type": "local",
      "command": ["node", "/absolute/path/to/builder/packages/agent/lib/mcp-bin.js"],
      "enabled": true
    }
  }
}

To target a specific backend while developing, add an env block (Claude Code / .mcp.json) or environment (opencode) — e.g. "USE_OLD_DEVTOOLS": "false" for builder mode. See Backends.

Authoring guide

skill/SKILL.builder.md and skill/SKILL.old.md are the sources the how_it_works tool serves — one per backend, so an agent is never shown tools its mode doesn't have. The server picks by USE_OLD_DEVTOOLS. Edit the relevant file and rebuild (npm run build) to update what the tool returns.