By cyanheads
Scaffold, develop, test, and deploy MCP servers built on @cyanheads/mcp-ts-core with code generation, SQLite/DuckDB data pipelines, OpenTelemetry monitoring, Cloudflare Workers deployment, security auditing, and automated release workflows.
Exercise tools, resources, and prompts against a live HTTP server via MCP JSON-RPC over curl. Starts the server, surfaces the catalog, runs real and adversarial inputs, and produces a tight report with concrete findings and numbered follow-up options. Use after adding or modifying definitions, or when the user asks to test, try out, or verify their MCP surface.
Land working-tree changes as logical commits — the work grouped by concern, topped by a release commit (version bump, changelog, regenerated artifacts) and an annotated tag. Verify, commit, tag. Stops at "committed and tagged locally" — no push, no publish. The release-and-publish skill picks up from here. Distilled from the git_wrapup_instructions protocol.
Investigate, adopt, and verify dependency updates — with special handling for `@cyanheads/mcp-ts-core`. Captures what changed, understands why, cross-references against the codebase, adopts framework improvements, syncs project skills, and runs final checks. Supports two entry modes: run the full flow end-to-end, or review updates you already applied.
Pick and run a multi-phase workflow that chains foundational task skills (`git-wrapup`, `release-and-publish`, `maintenance`, `field-test`, `setup`, etc.) end-to-end. Routes user intent to a workflow file under `workflows/` — greenfield builds, maintenance + release, field-test + fix, or known-work + release. Single source for the universal rules (no commits without authorization, no destructive git, no marketing language), the orchestrator posture (own the goal, ground sub-agents in primary sources, verify against the goal), and the sub-agent strategy (orient block, parallel fanout, isolation, normalization) that apply across every workflow. Sub-agents are an optional capability — workflows run linearly when fanout isn't available.
Finalize documentation and project metadata for a ship-ready MCP server. Use after implementation is complete, tests pass, and devcheck is clean. Safe to run at any stage — each step checks current state and only acts on what still needs work.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Generate random IDs, QR codes, and hashes, encode and decode values, and geolocate IPs, plus gated network and system diagnostics, via MCP. STDIO or Streamable HTTP.
Seven tools. Five are always on and need no configuration — pure-compute utilities plus an SSRF-free IP lookup. Two probe the server host and stay absent from tools/list until you opt in, fail-closed.
| Tool | Description |
|---|---|
toolkit_hash_value | Generate a cryptographic digest (sha256/sha512/sha1/md5), or constant-time-compare a value against an expected digest. |
toolkit_generate_id | Mint cryptographically-random identifiers — UUIDv4, UUIDv7, or ULID — singly or in batches up to 1000. |
toolkit_generate_qr | Encode text or a URL into a QR code as SVG markup, base64 PNG, or a terminal-renderable string. |
toolkit_encode_value | Encode or decode a value across base64, base64url, hex, or URL percent-encoding, in either direction. |
toolkit_geolocate_ip | Resolve a public IP or hostname to geographic and network metadata — country, city, coordinates, ASN, timezone. |
toolkit_check_network | Gated, off by default. Read-only network diagnostics from the server host — ping, traceroute, TCP connectivity, or egress-IP detection. |
toolkit_check_system | Gated, off by default. Report a facet of the server host's system state — OS, CPU, memory, load average, or network interfaces. |
toolkit_hash_valueGenerate a digest, or constant-time-verify a value against an expected one.
operation: generate (lowercase-hex digest) or compare (timing-safe check via timingSafeEqual)sha256 (default) and sha512 for security; sha1 and md5 are exposed for checksum and file-integrity compatibility only — never for passwords or signaturesinputEncoding reads value as utf8 (default), hex, or base64, so binary blobs skip a decode round-triptoolkit_generate_idMint cryptographically-random identifiers from the platform CSPRNG — the correct source for IDs that must be unpredictable, unlike model-invented values.
type: uuid_v4 (random, default), uuid_v7 (time-ordered, sortable by creation), or ulid (26-char Crockford base32, lexicographically sortable)count mints a batch up to 1000 in one call; the returned ids array always holds exactly count valuesuuid_v7 and ulid batches are monotonic — strictly increasing even within the same millisecond — so ids stays in sorted creation ordertoolkit_generate_qrEncode text or a URL into a QR code.
npx claudepluginhub cyanheads/cyanheads --plugin toolkit-mcp-serverRead, write, search, and surgically edit Obsidian vault notes, tags, and frontmatter via MCP. STDIO or Streamable HTTP.
Search PubMed/Europe PMC, fetch articles and full text (PMC/EPMC/Unpaywall), citations, MeSH terms.
Search ClinicalTrials.gov trials, retrieve study details and results, and match patients to eligible trials via MCP. STDIO or Streamable HTTP.
Store, query, and create YAML workflow playbooks for LLM agents via MCP. STDIO or Streamable HTTP.
Send, manage, and replay ntfy push notifications via MCP. STDIO or Streamable HTTP.
Encrypt and decrypt data with various algorithms
Utility for entropy and information theory calculations. Developer tool for cryptography and data analysis work.
Expert agent for webhook implementation, HMAC signature verification, retry logic with exponential backoff, idempotency, webhook security, and testing with ngrok
Living Ontology for Claude Code - Captures and reuses knowledge across sessions
PHP debugging and analysis tools using Xdebug. Trace execution, step debug, profile performance, and analyze code coverage.
Network diagnostics, reconnaissance, monitoring, and HTTP load testing - trippy, gping, ss, RustScan, nmap, bandwhich, sniffnet, oha