- Go 93.5%
- Makefile 3.4%
- Dockerfile 3.1%
Kai Siren
2cb760a159
Some checks are pending
ci / test (push) Waiting to run
ci / lint (push) Waiting to run
ci / govulncheck (push) Waiting to run
ci / docs (push) Waiting to run
codeql / analyze (go) (push) Waiting to run
pages / build (push) Waiting to run
pages / deploy (push) Blocked by required conditions
closes #29 |
||
|---|---|---|
| .agent-guard | ||
| .github/workflows | ||
| cmd/cli-mcp-go-ecosystem | ||
| docs | ||
| internal | ||
| scripts/gen-webdocs | ||
| .dockerignore | ||
| .gitignore | ||
| .golangci.yaml | ||
| .pre-commit-config.yaml | ||
| AGENTS.md | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| Dockerfile | ||
| fly.toml | ||
| go.mod | ||
| go.sum | ||
| LICENSE | ||
| Makefile | ||
| mcporter.json | ||
| mkdocs-requirements.txt | ||
| mkdocs.yml | ||
| README.md | ||
| SECURITY.md | ||
| staticcheck.conf | ||
cli-mcp-go-ecosystem
A live public demo of cli-mcp. Not a product.
cli-mcp is a Go library that takes a urfave/cli v3 command tree and projects it as a Model Context Protocol server: every leaf command becomes an MCP tool, the input schema is derived from the flags, the same in-process Action runs whether a human typed the subcommand or an agent called the tool. One binary, both surfaces.
The endpoint at https://cli-mcp-go-ecosystem.fly.dev/mcp is real and you can wire it into your MCP client right now to see what cli-mcp feels like end to end.
The actual cli-mcp value lives in private deployments (cli-mcp + cli-guard + cli-web-ops in front of internal infrastructure). Those can't be shown, so this repo stands in: read-only Go module proxy + vulnerability data, no auth surface, no state. The interesting bit is the projection mechanism, not the data. If you want a Go-ecosystem MCP tool to use, pkgsite and govulncheck are better.
What you can do with the live endpoint
One binary, two usage forms hitting the same code path:
Plain CLI:
cli-mcp-go-ecosystem module latest github.com/urfave/cli/v3
# {"Version":"v3.9.0","Time":"2026-05-09T21:35:44Z"}
MCP via mcporter:
mcporter call go-ecosystem.module_latest --args '{"args":["github.com/urfave/cli/v3"]}'
Raw JSON-RPC against the endpoint also works. Tool names use underscores not dots because mcporter parses server.tool selectors; cli-mcp ships an Options.NameJoiner knob (coilysiren/cli-mcp#43) for exactly this.
Wire it into your MCP client
mcporter.json at the repo root is the canonical snippet:
{
"mcpServers": {
"go-ecosystem": {
"baseUrl": "https://cli-mcp-go-ecosystem.fly.dev/mcp"
}
}
}
No auth. Read-only public data. Hosted on fly.io as a single shared-cpu-1x machine that auto-stops when idle.
Tools
| Tool | Args | Returns |
|---|---|---|
module_latest |
<module-path> |
Latest version + commit time. |
module_versions |
<module-path> |
All known versions. |
module_info |
<module-path> <version> |
Version metadata. |
module_gomod |
<module-path> <version> |
Raw go.mod text. |
vuln_by-id |
<GO-YYYY-NNNN> |
Full OSV-shaped advisory. |
vuln_by-module |
<module-path> |
Every advisory affecting the module, [] if none. |
Backed by proxy.golang.org and vuln.go.dev. See docs/FEATURES.md for the full inventory and the CLI reference for every subcommand.
Local dev + deploy
coily exec build # go build ./...
coily exec test # go test ./...
./cli-mcp-go-ecosystem module latest <path> # CLI form
./cli-mcp-go-ecosystem mcp serve-http # MCP form
flyctl deploy # ship distroless image; CMD runs `mcp serve-http`
Support
Bug or feature request: create a new issue. Conduct: Code of Conduct. Security: SECURITY.md. License: LICENSE. Siblings in the cli-* family: cli-mcp, cli-guard, cli-web-docs, cli-web-ops.
See also
- AGENTS.md - agent-facing operating rules.
- docs/FEATURES.md - inventory of what ships today.
- .agent-guard/agent-guard.yaml - allowlisted commands.
Cross-reference convention from coilysiren/agentic-os#59.