MCP catalog
The Model Context Protocol catalog is a curated list of MCP servers aidokit knows about, with per-role scoping, install commands, and a hard security gate for sensitive entries.
The v1.0 catalog
| ID | Purpose | Trigger | Sensitive | Default scope |
|---|---|---|---|---|
context7 | Up-to-date library docs lookup | always | no | researcher, architect |
beads-mcp | Beads task graph + decision memory | beadsEnabled | no | planner, maintainer |
playwright | Browser automation for frontend tests | stack.hasFrontend | no | tester-reviewer, frontend-browser-tester |
github | Read-only GitHub repo / issue / PR access | detect.githubRemote | no | researcher, planner |
chrome-devtools | Advanced browser debugging | stack.hasFrontend | no | frontend-browser-tester |
postgres | Postgres query access | (per spec) | no | (per spec) |
filesystem | Filesystem ops beyond the engine dir | never | yes | (empty — manual) |
graphify | Code-graph / knowledge-graph (Python prereq) | never | yes | (empty — manual) |
How trigger evaluation works
Triggers are simple predicate strings. Combined with OR semantics across the array — if any trigger matches, the MCP is suggested. No AND, no negation, no boolean operators. If you need a compound condition, split into two entries.
| Trigger | Matches when |
|---|---|
always | every project |
never | never auto-suggest; explicit add only |
beadsEnabled | user opted into Beads |
brownfield | brownfield init |
stack.has(react) | react pack selected |
stack.hasFrontend | any frontend pack selected |
stack.hasBackend | any backend pack selected |
detect.githubRemote | git remote includes github.com |
os.darwin / os.linux / os.win32 | host OS match |
conformance.strict | project at Strict level |
Role scoping
Each catalog entry declares suggestedFor — the minimal default role set. The CLI scopes the MCP to exactly those roles. No MCP defaults to "all roles".
Override per-install:
shell
npx aidokit mcp add github --roles researcher,planner npx aidokit mcp scope context7 --add-role builder npx aidokit mcp scope context7 --set-roles researcher,architect
Security-sensitive entries
Important Entries marked
securitySensitive: true have a non-bypassable confirmation gate. --yes does not skip it.An entry is sensitive when any of:
- It can write or delete files outside the engine directory.
- It can execute arbitrary shell commands.
- It accesses credentials or cloud resources with write privileges.
- It sends user content (e.g. source code) off-host.
For sensitive entries the CLI:
- Excludes from auto-suggestion lists.
- Forces an explicit confirmation prompt on
aidokit mcp add. - Discloses the elevated capability in the prompt.
- Records
userConfirmed: truein.aido/state.json. - Refuses stack-pack auto-suggestions of the entry.
Managing MCPs at runtime
| Command | Effect |
|---|---|
aidokit mcp list | Show installed MCPs with role scoping. |
aidokit mcp add <id> [--roles ...] | Install a catalog MCP. |
aidokit mcp add <id> --custom-url <url> | Install a non-catalog MCP (always treated as sensitive). |
aidokit mcp remove <id> | Uninstall and strip role frontmatter. |
aidokit mcp scope <id> --add-role <name> | Add the MCP to a role. |
aidokit mcp scope <id> --set-roles <list> | Replace the role set. |
aidokit mcp suggest | Re-run trigger eval; print MCPs that would be suggested but aren't installed. |
Custom (non-catalog) MCPs
If you want an MCP not in the catalog:
shell
npx aidokit mcp add my-mcp --custom-url npm:@example/my-mcp
Custom MCPs:
- Are always treated as security-sensitive.
- Require explicit confirmation (no
--yesbypass). - Are flagged
source: 'custom'in the audit log. - Cannot be referenced by stack packs.
graphify (Python prereq)
The graphify entry fills the v4 kit's cgb (code-graph-builder) slot used by the Researcher role. It is opt-in only.
- Distributed via PyPI as
graphifyy. - Install via
uvx graphifyy mcp(Python ≥ 3.10 +uvorpipxrequired). - aidokit does not install Python on your behalf; the prereq hint is printed if missing.
- Marked
securitySensitive: truebecause it sends repo content to an external model for graph construction.
Catalog evolution
- New entries ship in patch / minor releases of
@aidokit/mcp-catalog. - Entries are never removed. Deprecated entries surface a warning in
aidokit doctor; replacements are pointed to viareplacedBy. - Renaming an id is forbidden. Ids are permanent contracts.