MCP TOOLS

Ten tools your AI actually uses while it codes.

Each one reads your real repo, your live packages, and your running architecture — so the suggestions you get back are grounded in your code, not generic guesses.

get_project_context

Instant codebase snapshot. Your AI knows your stack before you type the first prompt.

Summarizes the repo's stack and key integration points (auth, hosting, billing, queues) based on what's actually present in code and config.

WHEN TO USE

  • You just opened a new repo
  • You need the stack + key entry points
  • You want a safe overview before changing code
View docs →

explain_architecture

Traces how requests actually move through your system — auth, database, billing, rate limits. The map your AI needs before touching production code.

Explains how the system works end-to-end (auth, database, billing, rate limits), and points you to the request paths that matter most.

WHEN TO USE

  • You need a high-level mental model
  • You're about to touch critical flows (auth/billing/limits)
  • You want to understand request → response paths end-to-end
View docs →

find_code

Repo-wide search in under a second. Finds any function, class, or variable across the entire codebase.

A fast search tool for your entire repository. Use it to find TODOs, error messages, env vars, route names, or any pattern you're trying to locate quickly.

WHEN TO USE

  • You need to find where something is implemented
  • You want to locate an error message or TODO
  • You're hunting for a pattern across files
View docs →

read_code

AST-level code reading. Your AI reads exact symbols and functions, not guesses, before suggesting changes.

A precise code reader. Give it a file and (optionally) a function/class name and it will show the exact implementation, plus imports and where it's used across the codebase — without dumping the whole repo.

WHEN TO USE

  • You want to safely change a function/class
  • You need to see call sites and tests for a symbol
  • You want exact code context without noise
View docs →

check_test

Test Pulse — health checks, diagnostics, and test verification in one call.

Verifies test health, runs diagnostics, and confirms your code works before you commit. Returns health checks, test diagnostics, and verification results.

WHEN TO USE

  • After writing code, before commit
  • To verify test health and diagnostics
  • Before shipping to confirm everything passes
View docs →

check_package

Reads your project, checks every package against the live registry, and tells you what's safe, what's outdated, and what's risky — before you ship.

Analyzes your codebase, understands what you have installed, then checks each package against the live npm registry — version status, security flags, maintenance health, and supply-chain risk.

WHEN TO USE

  • Before installing a new package
  • Before upgrading to a new version
  • To verify a package isn't a typosquat or abandoned
View docs →

audit_headers

HTTP and TLS security audit. Flags missing headers, weak configs, and exposure risks before they reach production.

Makes a raw HTTP/TLS connection to inspect what the server sends before the browser processes it — redirect chains, SSL certificate details, security header grades (A+ to F), and cookie flags.

WHEN TO USE

  • You need to check SSL/TLS configuration
  • You want to audit security headers (HSTS, CSP, etc.)
  • You need to check redirect chains
  • You want to analyze cookie security flags
View docs →

keep_thinking

Structured investigation mode. Nothing gets lost across long debugging sessions or high-risk changes.

A structured problem-solving session that tracks what you checked, what you concluded, and what to do next. Use it for complex debugging and risky changes where losing context mid-task breaks everything.

WHEN TO USE

  • You're starting a multi-step investigation
  • You need to plan before changing code
  • You want self-verification for risky changes
View docs →

project_memory

What you learned stays — decisions, gotchas, and conventions across sessions.

Persists explicit memories per project (decisions, gotchas, goals) in local SQLite under ~/.zephex/memory. Not repo scanning — use get_project_context for stack. recall before unfamiliar areas; remember after discoveries. Full read/write on npx zephex stdio only.

WHEN TO USE

  • You or the agent learned something non-obvious about this codebase
  • A future session should not rediscover the same gotcha
  • You want project-scoped memory, not global IDE memory
View docs →

Zephex_dev_info

Expert developer knowledge base (search + get) for architecture, security, auth, frontend, backend, DB schemas, and deployment patterns.

Searchable expert knowledge base by Zephex. Use when you need authoritative, non-hallucinated patterns for auth, security headers, DB schemas, Next.js/React, Stripe, Supabase, deployment, etc. Two operations: search first with a query, then get by the returned slug.

WHEN TO USE

  • You need authoritative patterns for auth, security, schemas, or deployment in the covered domains.
  • An agent workflow requires expert guidance on specific tech (Supabase RLS, Stripe webhooks, Next.js 16 app router, etc.).
  • Before implementing security or integration patterns where the KB has vetted examples.
View docs →
View API reference →