How do I install ZAAI Dev ?

ZAAI Dev is a local plugin. Install it using npm package: @zaai-dev/mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What credentials does ZAAI Dev need?

ZAAI Dev requires the following credentials or environment variables: ZAAI_API_TOKEN, ZAAI_API_URL. You can find setup instructions on the server detail page.

What AI apps work with ZAAI Dev ?

ZAAI Dev uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

ZAAI Dev MCP Server

by POLONIBOI

Developer ToolsModerate6.2MCP RegistryLocal

Free

Server data from the Official MCP Registry

Zaai Dev brand brief + captured design references for MCP-compatible AI tools.

About

Zaai Dev brand brief + captured design references for MCP-compatible AI tools.

Security Report

6.2

Moderate6.2Moderate Risk

Zaai Dev MCP is a well-structured server with proper authentication, appropriate permission scoping, and clean code practices. The server requires an MCP API token for all sensitive operations, properly handles errors without exposing credentials, and includes reasonable retry logic for transient failures. Minor code quality observations around logging and error handling do not materially impact security. Supply chain analysis found 2 known vulnerabilities in dependencies (0 critical, 2 high severity). Package verification found 1 issue.

7 files analyzed · 6 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

HTTP Network Access

Connects to external APIs or services over the internet.

env_vars

Check that this permission is expected for this type of plugin.

What You'll Need

Set these up before or after installing:

Per-user MCP token, prefix zaai_mcp_. Mint at https://www.zaaistudio.com/dev/settings/tokens (kind = mcp). Sent as Bearer auth on every workspace request; scopes the server to one user's captures and optionally a project allowlist.Required

Environment variable: ZAAI_API_TOKEN

Workspace base URL. Defaults to https://www.zaaistudio.com. Override only for local dev or staging.Optional

Environment variable: ZAAI_API_URL

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-poloniboi-zaai-dev-mcp": {
      "env": {
        "ZAAI_API_URL": "your-zaai-api-url-here",
        "ZAAI_API_TOKEN": "your-zaai-api-token-here"
      },
      "args": [
        "-y",
        "@zaai-dev/mcp"
      ],
      "command": "npx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

Zaai Dev MCP

Model Context Protocol server for the Zaai Dev platform. Exposes your captured design references to MCP-compatible AI tools — Claude Code, Claude Desktop, Cursor, Continue, Cline, anything else that speaks MCP.

After a one-time token paste, prompts like "list my last 5 captures tagged hero and show me their palettes" call the workspace directly and pull back real data.

Install

You need:

Node 20 or newer (node --version)
A Zaai Dev workspace account at https://www.zaaistudio.com
An MCP token — mint one at https://www.zaaistudio.com/dev/settings/tokens (pick "mcp" as the kind). The token-mint screen also shows the config snippets below pre-filled with your secret.

Claude Desktop

Add to claude_desktop_config.json — merge into the existing mcpServers block, don't replace the whole file.

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json
Linux: ~/.config/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "zaai-dev": {
      "command": "npx",
      "args": ["-y", "@zaai-dev/mcp"],
      "env": {
        "ZAAI_API_TOKEN": "zaai_mcp_YOUR_SECRET_HERE"
      }
    }
  }
}

Restart Claude Desktop. The 17 tools below appear in the slash-command picker.

Cursor

Add to ~/.cursor/mcp.json — same JSON shape as Claude Desktop.

{
  "mcpServers": {
    "zaai-dev": {
      "command": "npx",
      "args": ["-y", "@zaai-dev/mcp"],
      "env": {
        "ZAAI_API_TOKEN": "zaai_mcp_YOUR_SECRET_HERE"
      }
    }
  }
}

Restart Cursor.

Claude Code (CLI)

One-liner — updates ~/.claude/mcp_servers.json automatically:

claude mcp add zaai-dev -e ZAAI_API_TOKEN=zaai_mcp_YOUR_SECRET_HERE -- npx -y @zaai-dev/mcp

Streamable HTTP (v0.3.0+, hosted-agent use cases)

If you want to run Zaai Dev MCP as a network service — e.g. behind a reverse proxy on Fly / Cloudflare / Render so hosted agents (Claude.ai web, OpenAI Assistants, custom frameworks) can reach it — use the zaai-dev-mcp-http binary instead of the stdio one:

ZAAI_API_TOKEN=zaai_mcp_... \
ZAAI_HTTP_PORT=3001 \
  npx -y --package=@zaai-dev/mcp zaai-dev-mcp-http
# POST /mcp for MCP traffic, GET /healthz for liveness

Single-tenant in v1.5 — one process serves one workspace token. Run one process per token if you need multi-tenant, or wait for v2 which adds per-request token binding. Most "I want HTTP" use cases are single-tenant anyway.

Tools

All tools except health need a valid token. All tools except health and whoami charge credits per successful call (your workspace plan determines the monthly grant — see pricing).

Captures (org-wide)

Tool	What it does	Cost
`health`	Server status + version + uptime. No auth.	0
`whoami`	Your userId, orgId, project scope, credit balance.	0
`list_captures`	Paginated list of your captures (newest first). Args: `q`, `cursor`, `limit`.	1
`search_captures`	Same as list but with `q` required. Tuned description for targeted retrieval.	1
`get_capture`	Full payload + signed screenshot URLs for one capture id.	1
`get_palette`	Just the palette slice (page) or eyedropper picks (element/composite).	1
`get_html`	Just the HTML. Page → full HTML; element → outerHTML; composite → concat with markers.	1
`get_animation`	Just the animation data — CSS transitions, keyframes, library hints.	1
`get_media`	Just the media inventory — videos, images, backgrounds, carousels.	1

Brand brief + references (project-scoped, v0.2.0+)

These tools each take a project_id arg (find via the workspace at zaaistudio.com/dev/projects/<id> — the UUID is in the URL).

Tool	What it does	Cost
`get_brand_brief`	Full published brief: positioning, values, voice, audience, design intent, decisions.	1
`get_voice`	Voice slice only — one-liner, tone descriptors, do/don't say, example phrases.	1
`get_audience`	Primary + secondary segments, needs, channels.	1
`get_design_intent`	Descriptors + anti-descriptors + inspiration summary.	1
`get_brand_tokens`	Colors, fonts, radius, shadow scales.	1
`get_decisions`	Paginated decisions log with attribution + brief_field links.	1
`get_references`	Paginated project-scoped reference list.	1
`search_references`	Keyword search within a project's references.	1

Plus the zaai-capture://{id} resource template — attach individual captures to a conversation via the resource picker.

Errors

Error class	Meaning	Action
`Unauthorized`	Token invalid, revoked, or wrong kind	Mint a fresh `mcp` token, update your config, restart
`InsufficientCredits`	Out of credits for the month	Top up or wait for the monthly grant
`CaptureNotFound`	id doesn't exist OR is in a project the token can't see	`list_captures` to find valid ids
`InvalidCaptureId` / `InvalidProjectId`	id isn't a UUID	Pass a UUID from `list_captures` / the workspace URL
`ProjectNotFound`	project_id isn't in your org	Check the id, or that the token's project scope allows this project
`ProjectArchived`	Project exists but is archived	Unarchive in the workspace or use a different project
`OutOfScope`	Token is scoped to specific projects + this isn't one of them	Mint a token without project scope, or add this project to the existing token
`UnknownCaptureField`	Hit a focused-getter route with an unknown field	Use one of: `palette`, `html`, `animation`, `media`

Errors return as isError: true in the tool result so the LLM can read and act on them.

Transient failures (network errors, 502/503/504, 429 rate-limits) retry automatically with exponential backoff (250ms → 500ms → 1000ms, 3 attempts). Retries are transparent — you only see the final outcome — and don't double-charge because the workspace only bills on requests that actually executed.

Troubleshooting

See TROUBLESHOOTING.md for a checklist of common first-install issues and their fixes.

Privacy + scoping

The server holds only your MCP token — it never sees your password, your Supabase service-role key, or other users' data. The workspace's verifyToken derives userId + orgId from your token on every request; queries are scoped to that user + the token's project allowlist (which you set at mint time). A revoked token causes the next tool call to fail with Unauthorized.

The server itself runs entirely on your machine — npx -y @zaai-dev/mcp downloads the package once, then your AI tool launches it as a subprocess. No telemetry, no analytics SDK.

Building locally

git clone https://github.com/POLONIBOI/ZAAI_dev_mcp.git
cd ZAAI_dev_mcp
pnpm install
pnpm build
pnpm inspector            # MCP Inspector for interactive testing

You'll need ZAAI_API_TOKEN set as an env var (or pasted into the Inspector's Environment Variables panel before clicking Connect).

License

MIT.

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

ZAAI Dev MCP Server

About

Security Report

Findings (6)Action required

Permissions Required

What You'll Need

How to Install

Documentation

Zaai Dev MCP

Install

Claude Desktop

Cursor

Claude Code (CLI)

Streamable HTTP (v0.3.0+, hosted-agent use cases)

Tools

Captures (org-wide)

Brand brief + references (project-scoped, v0.2.0+)

Errors

Troubleshooting

Privacy + scoping

Building locally

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Fetch

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript