Product
Introducing Manifest Alerts
Socket now detects supply chain risks in project manifests, starting with missing lockfiles that can make dependency installs non-reproducible.
By André Staltz, Trevor Norris - Jun 16, 2026
🚀. Socket Launch Week Day 2:Introducing Manifest Alerts.Learn more →
@frontmcp/plugin-codecall
Advanced tools
@frontmcp/plugin-codecall
CodeCall plugin for FrontMCP - AgentScript-based meta-tools for orchestrating MCP tools
@frontmcp/plugin-codecall
CodeCall plugin for FrontMCP - provides AgentScript-based meta-tools for orchestrating MCP tools.
Installation
npm install @frontmcp/plugin-codecall @frontmcp/plugin-cache
Note:
@frontmcp/plugin-cacheis a peer dependency and must be installed.
Usage
import { CodeCallPlugin } from '@frontmcp/plugin-codecall';
import { CachePlugin } from '@frontmcp/plugin-cache';
import { FrontMcp } from '@frontmcp/sdk';
const app = new FrontMcp({
plugins: [CachePlugin, CodeCallPlugin],
});
Features
- Meta-Tools: Search, describe, execute, and invoke tools programmatically
- AgentScript Execution: Run JavaScript code in a sandboxed VM
- Tool Discovery: Semantic search across available tools
- Configurable Modes: Control tool visibility and execution patterns
Meta-Tools
codecall:search- Search for tools by name or descriptioncodecall:describe- Get detailed tool descriptionscodecall:execute- Execute AgentScript codecodecall:invoke- Invoke a specific tool directly
Configuration
import { CodeCallPlugin } from '@frontmcp/plugin-codecall';
const app = new FrontMcp({
plugins: [
CodeCallPlugin.configure({
mode: 'codecall_only', // 'codecall_only' | 'codecall_opt_in' | 'metadata_driven'
embedding: {
enabled: true,
model: 'default',
},
}),
],
});
Modes
- codecall_only: Hide all tools except CodeCall meta-tools
- codecall_opt_in: Show all tools, opt-in to CodeCall execution
- metadata_driven: Use per-tool metadata for visibility
License
Apache-2.0
FAQs
CodeCall plugin for FrontMCP - AgentScript-based meta-tools for orchestrating MCP tools
The npm package @frontmcp/plugin-codecall receives a total of 2,628 weekly downloads. As such, @frontmcp/plugin-codecall popularity was classified as popular.
We found that @frontmcp/plugin-codecall demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 09 Jan 2026
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
GlassWASM: WebAssembly Malware Found in Trojanized Open VSX Extensions
The trojanized extensions use TinyGo-compiled WebAssembly and Solana transaction memos to resolve command-and-control infrastructure.
By Joseph Edwards - Jun 15, 2026
Security News
US Government Forces Anthropic to Pull Claude Fable Days After Launch
Anthropic says the directive cited national security concerns over a narrow jailbreak, but offered no specific technical details.
By Sarah Gooding - Jun 13, 2026