npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

vercel-mcp-pro

v1.0.0

Published

The most complete Vercel MCP server — 65+ typed tools covering the entire Vercel REST API (deployments, projects, env vars, domains, DNS, aliases, certs, logs, checks, webhooks, edge config, teams) plus a vercel_raw escape hatch and a readonly safety mode

Downloads

497

Readme

Vercel MCP Pro ▲

The most complete Vercel MCP server — 70 tools covering the entire Vercel REST API (deployments, projects, env vars, domains, DNS, aliases, certs, logs, checks, webhooks, edge config, teams) plus a vercel_raw escape hatch and a readonly safety mode.

npm version License: MIT GitHub Stars

Works in any MCP client — Claude Code, Claude Desktop, Cursor, ChatGPT — using a Vercel access token (no OAuth flow required). Ships with an optional /vercel skill that drives the Vercel CLI for terminal deploys.

Why this and not the official one?

| | Official mcp.vercel.com | vercel-mcp-pro | |---|---|---| | Auth | OAuth (approved clients only) | Token (works everywhere, self-hosted) | | Coverage | Docs search, manage projects/deployments, analyze logs | Full REST API: env, domains, DNS, aliases, certs, webhooks, edge config, checks, log drains… | | Escape hatch | — | vercel_raw → any endpoint, 100% coverage | | Safety | — | VERCEL_READONLY=true blocks all writes |

Install

npx -y vercel-mcp-pro

Or clone and build locally:

git clone https://github.com/helbertparanhos/vercel-mcp-pro
cd vercel-mcp-pro
npm install && npm run build

Configuration

  1. Create a token at https://vercel.com/account/settings/tokens.
  2. Copy .env.example.env and fill it in:

| Variable | Required | Description | |----------|----------|-------------| | VERCEL_TOKEN | ✅ | Personal or team access token. | | VERCEL_TEAM_ID | — | Default team scope (injected as ?teamId). Leave empty for personal account. | | VERCEL_TEAM_SLUG | — | Scope by team slug (alternative to VERCEL_TEAM_ID). | | VERCEL_READONLY | — | true blocks all write/delete tools (and only allows vercel_raw GETs). | | VERCEL_DISABLE_RAW | — | true removes the vercel_raw escape hatch. | | VERCEL_TIMEOUT_MS | — | Request timeout (default 60000). | | VERCEL_MAX_RETRIES | — | Retries on 429/5xx/network (default 3). |

Add to your client

Claude Code

claude mcp add vercel-mcp-pro -- npx -y vercel-mcp-pro

Or in this project's .claude/settings.jsonmcpServers:

"vercel": {
  "command": "node",
  "args": ["projects/vercel-mcp-pro/dist/index.js"],
  "env": {
    "VERCEL_TOKEN": "your_token",
    "VERCEL_TEAM_ID": "team_xxx"
  }
}

Claude Desktop

%APPDATA%\Claude\claude_desktop_config.json (Windows) / ~/Library/Application Support/Claude/claude_desktop_config.json (Mac):

{
  "mcpServers": {
    "vercel": {
      "command": "npx",
      "args": ["-y", "vercel-mcp-pro"],
      "env": { "VERCEL_TOKEN": "your_token", "VERCEL_TEAM_ID": "team_xxx" }
    }
  }
}

Cursor

Paste the same config into .cursor/mcp.json.

Tools (70)

Deployments (11)

list_deployments · get_deployment · create_deployment · cancel_deployment · delete_deployment · get_deployment_events · list_deployment_files · get_deployment_file_contents · promote_deployment · rollback_deployment · get_promote_aliases

Projects (7)

list_projects · get_project · create_project · update_project · delete_project · pause_project · unpause_project

Environment Variables (6)

list_env_vars · get_env_var · create_env_var · bulk_create_env_vars · update_env_var · delete_env_var

Domains (9)

list_domains · get_domain · get_domain_config · add_domain · verify_domain · remove_domain · list_project_domains · add_project_domain · remove_project_domain

DNS (4)

list_dns_records · create_dns_record · update_dns_record · delete_dns_record

Aliases (4)

list_aliases · get_alias · assign_alias · delete_alias

Certificates (4)

get_cert · issue_cert · upload_cert · remove_cert

Logs (2)

get_build_logs · get_runtime_logs

Checks (5)

list_checks · get_check · create_check · update_check · rerequest_check

Webhooks (3)

list_webhooks · create_webhook · delete_webhook

Edge Config (6)

list_edge_configs · get_edge_config · get_edge_config_items · create_edge_config · update_edge_config_items · delete_edge_config

Teams & User (4)

get_user · list_teams · get_team · list_team_members

Integrations & Log Drains (4)

list_integrations · list_log_drains · create_log_drain · delete_log_drain

Escape hatch (1)

vercel_raw — call any Vercel REST endpoint (method + full versioned path + params + body). Guarantees 100% coverage even for niche/new endpoints (marketplace, sandboxes, feature-flags, access-groups, rolling-release…). Auto-injects your team scope; honored by readonly mode for GETs.

Common recipes

Diagnose a failed deploy

list_deployments(projectId:"my-app", state:"ERROR")  →  get_build_logs(idOrUrl:"dpl_...")

Ship a preview to production (no rebuild)

promote_deployment(projectId:"my-app", deploymentId:"dpl_...")

Roll back fast

rollback_deployment(projectId:"my-app", deploymentId:"dpl_previous")

Add an env var to all environments

create_env_var(projectId:"my-app", key:"API_KEY", value:"…", target:["production","preview","development"])

Anything not covered

vercel_raw(method:"GET", path:"/v1/security/firewall/config", params:{ projectId:"my-app" })

The /vercel CLI skill (bundled)

For terminal-driven deploys, this repo also ships a Claude Code skill in skill/ that drives the official Vercel CLI (vercel deploy, vercel logs, vercel env, vercel rollback). The MCP gives full API coverage in any client; the skill gives the smoothest git push → deploy loop in the terminal. They complement each other — see skill/SKILL.md.

Safety

  • VERCEL_READONLY=true blocks every write/delete tool — only reads and vercel_raw GETs run. Ideal for audits and exploration.
  • The vercel_raw path is sanitized (must start with a version segment like /v9/…; no scheme/host/traversal/control chars) and constrained to api.vercel.com.
  • Auth, retries (429 with Retry-After, 5xx, network) and rate-limiting are handled for you. The token only ever travels in the Authorization header — never in a query string or log.

Security model — read this before trusting the guards

  • VERCEL_READONLY blocks mutations, not reads of secrets. Read tools like list_env_vars (with decrypt:true), get_env_var and get_edge_config_items return decrypted values and still run in readonly mode — that's their purpose. If your environment must never surface secrets to the model, don't expose those tools / run against a least-privilege token.
  • VERCEL_TEAM_ID is a convenience scope, not a security boundary. It sets the default team, but a caller can pass a different teamId/slug per call (including via vercel_raw). The real boundary is the token's own scope — use a token limited to the team/projects you intend to automate.
  • Treat the token as production credentials. It grants the same access as your Vercel account/team. Prefer a scoped token, keep it in .env (gitignored) or your client's secret store, and rotate it if it's ever shared or pasted into a chat.

License

MIT © Helbert Paranhos / Strat Academy