Server data from the Official MCP Registry
Self-hosted Cloudflare Worker remote backend for context-keeper (D1, streamable-HTTP).
Self-hosted Cloudflare Worker remote backend for context-keeper (D1, streamable-HTTP).
Remote endpoints: streamable-http: https://context-keeper-remote.{account}.workers.dev/mcp/{token}
Valid MCP server (1 strong, 1 medium validity signals). No known CVEs in dependencies. Imported from the Official MCP Registry. 1 finding(s) downgraded by scanner intelligence.
Endpoint verified · Open access · 1 issue found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Remote Plugin
No local installation needed. Your AI client connects to the remote endpoint directly.
Add this to your MCP configuration to connect:
{
"mcpServers": {
"io-github-jarmstrong158-context-keeper-remote": {
"url": "https://context-keeper-remote.{account}.workers.dev/mcp/{token}"
}
}
}From the project's GitHub README.
Part of the xylem stack.
A remote MCP server on Cloudflare Workers that exposes context-keeper's rationale store (decisions, pipelines, constraints) over Streamable HTTP. It works as a claude.ai custom connector, including on mobile, so your project's decisions and constraints are available from any Claude session — no PC left running, no tunnel.
Self-host your own copy in a few clicks with the button above — Cloudflare copies this repo into your GitHub account, creates a fresh D1 database for you, and deploys the Worker. Then you add one secret and paste a URL into Claude. Full walkthrough below; every step is a click, no command line anywhere.
The maintainer's own instance runs at
https://context-keeper-remote.jarmstrong158.workers.dev. Yours will be at your own subdomain after you deploy.
WHERE queries; two writers (desktop +
mobile) don't clobber each other the way whole-file JSON read-modify-write does.Click the Deploy to Cloudflare button at the top of this page. Cloudflare will:
When it finishes, your Worker is live at
https://context-keeper-remote.<your-subdomain>.workers.dev. Note that URL — you'll
need it in Step 3. (You can always find it under Workers & Pages in the
dashboard.)
Nothing to configure in the repo, and no SQL to run — the database starts empty and the Worker creates its tables on the first request.
AUTH_TOKEN secret (Cloudflare dashboard)The Worker refuses every request until it has an auth token, so set one:
AUTH_TOKEN. Value: a long random string (32+ characters
— treat it like a password). Save/Deploy.That value is your connector's password. Keep it somewhere safe; you'll paste it in the next step.
agentsync-remote uses the same AUTH_TOKEN scheme, and additionally needs, in
its Worker's Variables and Secrets:
GH_PAT — a GitHub personal access token, andREPO — set to the owner/repo it should sync.Those two do not apply to context-keeper-remote (this repo) — it only needs
AUTH_TOKEN. See the agentsync-remote README for its specifics.
claude.ai → Settings → Connectors → Add custom connector.
Paste your Worker URL with the token as the final path segment:
https://context-keeper-remote.<your-subdomain>.workers.dev/mcp/<AUTH_TOKEN>
Replace <your-subdomain> with your Worker's subdomain (Step 1) and
<AUTH_TOKEN> with the exact value you set (Step 2).
Save. The tools (record_entry, get_context, query_entries, …) are now
available in your Claude sessions.
Check it works: ask Claude to call get_project_summary. If it answers, the
whole chain (deploy → auto-provisioned D1 → auto-migration → auth) is working.
If you already run local context-keeper, ask Claude (with the connector enabled) to
call import_entries, pasting each file's contents:
decisions.json → import_entries(project, kind="decision", entries=[...])pipelines.json → import_entries(project, kind="pipeline", entries=[...])constraints.json → import_entries(project, kind="constraint", entries=[...])Incoming ids are preserved; existing ids are reported, never overwritten.
The URL you paste into Claude embeds AUTH_TOKEN as its last path segment.
Anyone who has the full …/mcp/<AUTH_TOKEN> URL can read and write your entire
store. Treat it exactly like a password:
404 with no
detail (a valid token used with a non-POST method gets 405).AUTH_TOKEN in the Cloudflare dashboard (Step 2). This
immediately invalidates every old URL — any connector using the previous
token starts getting 404s until you update it in claude.ai (Step 3) with the new
value.Every tool takes an optional project; if omitted it falls back to the configured
default_project (set it once with config — op='set', key default_project).
The unified tools (config, record_entry) are the current surface; the older
per-operation tools remain as deprecated aliases so existing callers keep
working. New work should prefer the unified tools.
| Tool | Purpose |
|---|---|
config | Read or write config: op='get' reads a key, op='set' writes it (value required). Use key default_project (global scope, no project) to pick the project used when a call omits project. |
set_config / get_config | Deprecated aliases for config(op='set') / config(op='get'). |
record_entry | Unified write: record a decision, constraint, or pipeline. Required field depends on kind — decision needs summary, constraint needs rule, pipeline needs name. |
record_decision | Deprecated alias for record_entry(kind='decision'): summary, problem, why_chosen, what_we_tried, tradeoffs, tags. |
record_constraint | Deprecated alias for record_entry(kind='constraint'): a rule that must hold — rule, reason, tags. |
record_pipeline | Deprecated alias for record_entry(kind='pipeline'): a reusable process — name, purpose, steps (extra fields kept verbatim). |
get_context | Relevance-ranked retrieval for a query (keyword scoring; excludes deprecated unless include_deprecated). |
query_entries | Structured filters: id, kind, tags (all must match), status (active/deprecated/all), free text, and limit. |
get_project_summary | One-call orientation: entry counts by kind and status, the ids present, the active constraints (compact), and the most recent decisions. |
update_entry | Merge patch fields into an entry's payload; optionally change status. |
deprecate_entry | Mark deprecated, optionally linking superseded_by. |
reload_constraints | Compact list of the active constraints. |
prune_stale | Delete old deprecated entries (dry run by default; pass dry_run=false). |
verify_quality | Flag entries missing rationale-bearing fields. |
export_markdown | Render entries as a DECISIONS.md-style document. |
import_entries | Bulk import from the local JSON store format (preserves ids, reports collisions, never overwrites). |
upsert_entries | Bulk upsert in the local store format — the mirror-sync path. New ids are inserted; an existing id is replaced only when the incoming updated_at is strictly newer (last-writer-wins by timestamp), else skipped. Carries edits and deprecations between mirrored stores; never deletes. |
summary, problem, why_chosen, what_we_tried,
tradeoffs, tags. The deprecated rationale field is accepted on input and
mapped to why_chosen when why_chosen is absent.rule, reason, tags.name, purpose, steps, plus any extra fields you pass.dec-001, pipe-003, con-012. Because the same
id recurs across projects, the D1 primary key is composite (project, id).Everything above is for self-hosters. This section is for working on the code itself.
wrangler.toml has two profiles:
database_id.
This is what the Deploy button, wrangler dev, and the local test suite use. With
no id, Cloudflare auto-provisions a fresh database for each self-hoster.[env.production] — pins the maintainer's real database_id and the Worker
name. The maintainer's CI deploys with wrangler deploy --env production so it
keeps hitting the same database and the same URL. Self-hosters never touch this
env..github/workflows/deploy.yml runs on push to main, and is gated with
if: github.repository == 'jarmstrong158/context-keeper-remote' so forks (which
deploy via Workers Builds instead) don't run failing Actions. Steps: checkout →
Node 22 (Wrangler needs ≥ 22) → npm ci → npm test → wrangler deploy --env production. Tests gate the deploy. It reads two GitHub repo secrets,
CLOUDFLARE_API_TOKEN (needs Workers Scripts: Edit) and CLOUDFLARE_ACCOUNT_ID
— distinct from the Worker's own AUTH_TOKEN.
No network and no Cloudflare credentials required — tests run against a local
workerd D1 via @cloudflare/vitest-pool-workers. Requires Node ≥ 22.
npm install
npm test # vitest: migrations, cold-start, CRUD, id sequencing, auth, import, ...
npm run typecheck # tsc --noEmit
After a deploy, from any machine with network access:
WORKER_URL="https://context-keeper-remote.<subdomain>.workers.dev/mcp/<AUTH_TOKEN>" \
node scripts/smoke-test.mjs
Runs initialize → tools/list → record_decision → query_entries against the live
worker.
src/index.ts fetch handler: token check -> MCP dispatch (schema ensured lazily on first tools/call, not on the handshake)
src/mcp.ts stateless Streamable HTTP MCP server (createMcpHandler)
src/db.ts D1 access + runtime migration runner + id generation
src/entries.ts payload normalization, insert-with-retry, keyword scoring
src/tools/*.ts one module per tool group
schema.sql reference copy of the DDL the migration runner embeds
wrangler.toml default (auto-provision) + [env.production] (pinned) config
.github/workflows/deploy.yml test-then-deploy on push to main (maintainer repo)
scripts/smoke-test.mjs live JSON-RPC round-trip check
test/ vitest suite (local workerd D1, no network)
| Symptom in the Actions log | Cause | Fix |
|---|---|---|
Wrangler requires at least Node.js v22.0.0 | Node < 22 | Already set to Node 22 in deploy.yml. |
it's necessary to set a CLOUDFLARE_API_TOKEN environment variable | Deploy secrets missing | Add both GitHub repo secrets. |
No route for that URI [code: 7000] / object identifier is invalid [code: 7003] | API token lacks Workers permission, or wrong CLOUDFLARE_ACCOUNT_ID | Use an "Edit Cloudflare Workers" token; confirm the account id. |
Deploys succeed but every call returns 404 | Worker AUTH_TOKEN not set, or the URL's token doesn't match it | Set/verify AUTH_TOKEN in the Cloudflare dashboard. |
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.