npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

mcp-for-i

v0.1.13

Published

Local MCP server and control plane for IBM i workflows

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

ashishthomasashishthomas

Keywords

Readme

MCP-for-i

mcp-for-i is a local MCP server + control plane for IBM i workflows. It provides secure connection onboarding, keychain-backed credentials, cross-platform runtime update controls, and IBM i tools for agent-driven operations.

Install

The npm package name is mcp-for-i.

Install globally from npm:

npm i -g mcp-for-i

Verify commands:

mcp-for-i --help
mcp-for-i-control help

Supported shells and terminals include PowerShell, cmd, Git Bash, Bash, Zsh, and WSL shells, across Windows, macOS, and Linux.

Quick Start

  1. Open the local control plane:
mcp-for-i control

mcp-for-i control will start the control server in the background if needed, then open the UI. If a browser cannot be opened in the current environment, it prints the local URL instead.

  1. The default local UI URL is:
http://127.0.0.1:3980
  1. Add IBM i connection profiles in the UI. Passwords are stored in the OS keychain, not plain config.

WSL note: persistent password storage requires a working Linux Secret Service inside the WSL distro. WSL does not automatically use Windows Credential Manager; when no keychain is available, MCP-for-i keeps passwords only for the current process and the control plane shows a warning.

Credential storage adapts to the Node runtime: Windows Node from PowerShell, cmd, or Git Bash uses Windows Credential Manager; macOS uses Keychain; Linux uses Secret Service; WSL uses the WSL distro's Linux Secret Service.

Control Commands

From an npm install or a git checkout build, these commands are the supported control entrypoints:

mcp-for-i control
mcp-for-i control status
mcp-for-i control enable
mcp-for-i control disable

Equivalent direct control-plane binary commands:

mcp-for-i-control open
mcp-for-i-control status
mcp-for-i-control enable
mcp-for-i-control disable
mcp-for-i-control serve

Behavior by environment:

  • Windows: enable registers a Startup entry.
  • macOS: enable registers a LaunchAgent.
  • Linux: enable uses a user systemd service when available.
  • WSL: enable installs a guarded .bashrc hook that starts the control plane on interactive Bash shell launch.

Add To Coding Clients

The control-plane UI now includes a Clients tab with one-click setup for:

  • Codex Desktop / CLI
  • Claude Code when the claude CLI is installed
  • VS Code / GitHub Copilot when the code CLI is installed

It also includes manual guidance for:

  • Project Bob
  • other MCP clients that use generic JSON/TOML stdio server configuration

The UI writes or invokes the local client-specific setup on the same machine where the control plane is running. If a client CLI is not installed, the UI falls back to showing the exact launch command/snippet to use manually.

Update and Version Management

Update to latest globally:

npm i -g mcp-for-i@latest

Install a specific version:

npm i -g [email protected]

Rollback example:

npm i -g [email protected]

Check current installed version:

mcp-for-i --version

Control Plane Updates

The control plane intentionally stays narrow:

  • Update MCP
    • If running from a git checkout: pulls latest changes from origin/<current-branch>, then installs/builds.
    • If running as an npm-installed package: upgrades the global npm package to latest.
    • On Windows global installs, update still runs in a detached updater to avoid file-lock (EBUSY) errors during self-update.
  • Update Skills
    • Pulls or clones the configured skills repository and branch into the local skills directory.

For npm installs and manual upgrades, prefer standard npm commands such as npm i -g mcp-for-i@latest.

Development (Git Checkout)

For contributors working from source:

npm install
npm run build
npm test
npm run start:controlplane

You can also use the built artifacts directly after build:

node dist/index.js
node dist/index.js control
node dist/controlplane/index.js open

Automated Release (No Manual Version Bump)

Use the release script instead of raw npm publish. The script publishes the mcp-for-i npm package.

Before releasing, verify npm auth and the currently published version:

npm whoami
npm view mcp-for-i version

If npm whoami fails, run npm login first.

Patch release:

npm run release:patch

Minor release:

npm run release:minor

Major release:

npm run release:major

What it does:

  • Verifies git working tree is clean.
  • Runs npm test (unless --skip-tests is passed).
  • Checks npm published version.
  • Auto-bumps version only when local version is not ahead.
  • Publishes to npm.
  • Pushes commit/tag to GitHub.

Optional flags:

npm run release:patch -- --skip-tests
npm run release:patch -- --otp=123456
npm run release:patch -- --no-push

OTP is only needed when the npm account has two-factor authentication enabled for publishing. If npm asks for a one-time password, use the current code from the authenticator app or recovery method configured on the npm account, then rerun with --otp=<code>. If the account does not have publish-time 2FA enabled, no OTP is needed.

Security Model

  • Credential-bearing direct tool arguments are blocked for connection creation/update flows.
  • Passwords are stored in keychain when available; failed or missing keychain access falls back to process-only session storage with a visible control-plane warning.
  • Control plane is local-first (127.0.0.1 by default).
  • Guarded policy profile is the default for operational safety.
  • Tool schemas are strict (additionalProperties: false) with runtime argument validation, including nested connection/action/filter/profile payloads.
  • QSYS object names and source settings are validated before command execution to reduce interpolation and injection risk.

Links