npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

qaeverest-mcp

v1.1.0

Published

MCP server for QAEverest — generate AI-powered functional, API, UI & mobile test cases, plus security and performance checks, from inside Claude Code, Cursor, VS Code Copilot, or any MCP-compatible IDE.

Readme

QAEverest MCP Server

Generate AI-powered test cases — and run security & performance checks — from inside your IDE. This Model Context Protocol server connects AI coding agents — Claude Code, Cursor, VS Code Copilot, Windsurf, and any other MCP-compatible client — to the QAEverest public API.

Ask your agent things like:

"Generate functional test cases for the login story in auth/README.md and save them as a feature file."

"Generate API tests from this openapi.yaml, then scaffold Playwright specs from them."

"Generate UI automation test cases for the checkout flow."

"Run a full security scan against https://staging.example.com."

"Run a 30-second load test on the /search endpoint."

"How many QAEverest credits do I have left?"

Prerequisites

  • Node.js 18+
  • A QAEverest API key (qae_...) — issued from Admin → API Management or by your account manager.

Configuration

The server is configured entirely through environment variables:

| Variable | Required | Description | |---|---|---| | QAEVEREST_API_KEY | yes | Your QAEverest API key (qae_...) | | QAEVEREST_API_URL | no | Backend base URL. Defaults to https://api.qaeverest.ai |

The server exchanges your API key for a short-lived access token automatically and refreshes it when it expires — you never handle tokens yourself.

Setup

Claude Code

claude mcp add qaeverest -e QAEVEREST_API_KEY=qae_your_key_here -- npx qaeverest-mcp

Or add to your project's .mcp.json (checked in, so the whole team gets it — keep the key in an env var):

{
  "mcpServers": {
    "qaeverest": {
      "command": "npx",
      "args": ["qaeverest-mcp"],
      "env": {
        "QAEVEREST_API_KEY": "${QAEVEREST_API_KEY}"
      }
    }
  }
}

Cursor

Add to .cursor/mcp.json (project) or ~/.cursor/mcp.json (global):

{
  "mcpServers": {
    "qaeverest": {
      "command": "npx",
      "args": ["qaeverest-mcp"],
      "env": {
        "QAEVEREST_API_KEY": "qae_your_key_here"
      }
    }
  }
}

VS Code (GitHub Copilot agent mode)

Add to .vscode/mcp.json:

{
  "servers": {
    "qaeverest": {
      "type": "stdio",
      "command": "npx",
      "args": ["qaeverest-mcp"],
      "env": {
        "QAEVEREST_API_KEY": "${input:qaeverest-api-key}"
      }
    }
  },
  "inputs": [
    {
      "id": "qaeverest-api-key",
      "type": "promptString",
      "description": "QAEverest API key",
      "password": true
    }
  ]
}

Windsurf

Add to ~/.codeium/windsurf/mcp_config.json:

{
  "mcpServers": {
    "qaeverest": {
      "command": "npx",
      "args": ["qaeverest-mcp"],
      "env": {
        "QAEVEREST_API_KEY": "qae_your_key_here"
      }
    }
  }
}

Running from a local checkout (before npm publish)

Replace "command": "npx", "args": ["qaeverest-mcp"] with:

"command": "node",
"args": ["C:/path/to/CreateMyTestcases/mcp-server/src/index.js"]

(run npm install inside mcp-server/ first).

Tools

The server exposes these tools. Each generation/scan call is billed to your account at an admin-configured per-service credit cost; whether a tool works depends on which services are enabled for your API key (check with get_usage). You don't call these directly — describe what you want and the agent picks the tool.

generate_testcases — functional / general (sync)

Generate test cases from a user story or feature description. Returns Gherkin-style scenarios (Given/When/Then) with tags, priorities, and test data. Generation typically takes 1–3 minutes.

| Parameter | Type | Required | Description | |---|---|---|---| | user_story | string | yes | The story / requirement / feature description | | test_type | enum | no | Functional (default), System, Performance, Security, API | | tc_type | enum | no | manual (default) or automated | | domain_name | string | no | Business domain context, e.g. Banking | | module_name | string | no | Feature area, e.g. Login | | additional | string | no | Extra instructions for the AI |

generate_api_tests — API automation (sync)

Generate automation-ready API test cases from a description or an OpenAPI/Swagger spec or Postman collection pasted as text (positive, negative, boundary, auth).

| Parameter | Type | Required | Description | |---|---|---|---| | spec | string | yes | API description, or an OpenAPI/Swagger spec or Postman collection as text | | tc_type | enum | no | manual or automated (default) | | domain_name, module_name, additional | string | no | As above |

generate_ui_tests — UI automation (async)

Generate end-to-end UI automation test cases (navigate / click / type / assert steps). Runs as a background job and may take a few minutes. Generates test cases only — it does not drive a live browser.

| Parameter | Type | Required | Description | |---|---|---|---| | story | string | yes | The UI scenario / user story | | domain_name, module_name, additional | string | no | As above |

generate_mobile_tests — mobile automation (async)

Same as generate_ui_tests, but for mobile UI automation (gestures, device states, platform-specific behaviours). Generates test cases only — it does not drive a live device.

| Parameter | Type | Required | Description | |---|---|---|---| | story | string | yes | The mobile scenario / user story | | domain_name, module_name, additional | string | no | As above |

security_scan — security (sync)

Scan a URL for security-header, SSL/TLS, and common-vulnerability issues; returns risk-rated findings.

| Parameter | Type | Required | Description | |---|---|---|---| | url | string | yes | Full URL including http:// or https:// | | scanType | enum | no | headers, ssl, vulnerability, or full (default) | | method | enum | no | HTTP method to probe with (default GET) | | headers | object | no | Optional request headers (key/value) |

performance_test — performance (sync)

Run a load / stress / spike / soak test and return latency, throughput, and error-rate metrics. API-tier caps keep a single call bounded (~1 min); heavier runs belong in the in-app Performance module.

| Parameter | Type | Required | Description | |---|---|---|---| | url | string | yes | Full URL including http:// or https:// | | testMode | enum | no | load (default), stress, spike, soak | | method | enum | no | HTTP method (default GET) | | headers | object | no | Optional request headers (key/value) | | body | string | no | Optional request body (POST/PUT) | | virtualUsers | number | no | Concurrent virtual users (load/soak); server caps apply | | duration | number | no | Seconds; server caps apply (load ≤ 60s, soak ≤ 90s) | | rampUp | number | no | Ramp-up seconds (load mode) |

get_usage

No parameters. Returns credits used/remaining, requests this month, and enabled services for your account.

How it works

IDE agent (Claude Code / Cursor / Copilot / Windsurf)
        │  MCP over stdio
        ▼
qaeverest-mcp
        │  POST /api/v1/auth/token        (API key → 8h JWT, cached)
        │  POST /api/v1/generate-testcases     ─┐
        │  POST /api/v1/api-tests/generate       │ sync — returns inline
        │  POST /api/v1/security-scan            │
        │  POST /api/v1/performance-test        ─┘
        │  POST /api/v1/ui-tests      → poll GET /api/v1/ui-tests/{jobId}      ─┐ async —
        │  POST /api/v1/mobile-tests  → poll GET /api/v1/mobile-tests/{jobId}  ─┘ server polls for you
        │  GET  /api/v1/usage
        ▼
QAEverest backend ──► AI engine / scanners ──► results

For the async UI/mobile tools the server submits the job and polls the status URL for you (up to 5 minutes), so from the agent's point of view they behave like any other tool call.

Troubleshooting

  • "QAEVEREST_API_KEY is not set" — the env var didn't reach the server; check the env block in your MCP config.
  • "Invalid or revoked API key" — the key was revoked or regenerated in Admin → API Management; get a fresh one.
  • "Insufficient credits" (402) — your plan's credit allowance is exhausted.
  • "Monthly request limit reached" (429) — resets at the next billing cycle.
  • Timeouts — generation is capped at 5 minutes client-side; very long stories may need trimming.
  • The server logs diagnostics to stderr (visible in your IDE's MCP logs, e.g. claude mcp list / Cursor's MCP output panel).