
Research
/Security News
11 Malicious NuGet Tools Pose as Game Cheats to Drop a Windows Host-Surveillance Payload
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.
@czap/mcp-server
Advanced tools
The Model Context Protocol server for LiteShip: exposes the `czap` commands and capsule catalog as MCP tools that AI assistants can call.
An MCP (Model Context Protocol) server that exposes the czap command catalog as tools, resources, and prompts over stdio or HTTP — so AI agents can run the same commands the czap CLI does. This is not a documentation server. For sealed prose/API docs over HTTP, use docsMcpRoute from @czap/astro with a docs:bundle artifact (#113).
You usually don't install this directly — it arrives as a dependency of
liteship, and theczap mcpverb launches it. Installliteship(or this package alongside@czap/cli) instead, unless you're embedding the server in your own process viastart().
pnpm add @czap/cli @czap/mcp-server # `czap mcp` dynamically loads this package
effect (>= 4.0.0-beta.32) is a required peer dependency: pnpm add effect@beta. @czap/cli is not a peer — this package never imports the CLI.
import { start } from '@czap/mcp-server';
await start(); // stdio transport (default)
// await start({ http: ':3838' }); // HTTP transport instead
The process stays alive serving MCP JSON-RPC on stdin/stdout. For Claude Desktop-style MCP hosts, skip the code and point the host at the launcher:
{ "mcpServers": { "czap": { "command": "czap", "args": ["mcp"] } } }
After the host connects, its tools/list call returns the czap command catalog.
tools/list is authoritative, but so you know what's there before you connect — the MCP-exposed subset (explicit opt-in via mcpExposed; blocking/interactive verbs like gauntlet and ship are deliberately CLI-only):
| Tool | What it does |
|---|---|
capsule.list | List the capsules in the factory registry |
capsule.inspect | Inspect one capsule — its arm, contract, and receipt |
capsule.verify | Verify a capsule is fresh (regeneration-diff check) |
scene.compile | Compile a scene contract to a CompiledScene |
scene.render | Render a compiled scene to frames |
scene.verify | Verify a scene contract resolves |
asset.analyze | Run analysis projections on an asset (beats / onsets / waveform) |
asset.verify | Verify an asset declaration decodes |
check | Run the gauntlet gate fold in-process — structured findings + a blocking verdict |
plumb | Plumb-completeness gate — tests/generated/ placeholder skips + unclassified published packages |
Each tool runs the same handler as the matching czap <verb> (one registry, two skins — @czap/command), so a tool call and a terminal verb are byte-identical. Input/output schemas are in the API reference.
This is a protocol adapter over @czap/command — the shared command registry the CLI also projects, so a tool call and a terminal verb run the identical handler. @czap/core supplies the command and receipt types, and @czap/compiler backs the MCP-app manifest resource. It deliberately has no bin and never imports @czap/cli; the two are sibling skins, connected only by the CLI's dynamic import in czap mcp. See the package surfaces map for the full layout.
A stdio MCP server prints nothing at startup — silence is normal, not a hang. It answers JSON-RPC requests on stdin; if your MCP host shows no tools, check that both @czap/cli and @czap/mcp-server are installed in the same project and on the same version, since czap mcp resolves this package from where the CLI runs.
Part of LiteShip — powered by the CZAP engine (Content-Zoned Adaptive Projection), distributed as @czap/* packages.
FAQs
The Model Context Protocol server for LiteShip: exposes the `czap` commands and capsule catalog as MCP tools that AI assistants can call.
We found that @czap/mcp-server demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.