Skip to main content
Glama
Llama-Ventures

llama-mcp

Public source for low-friction install — not an open-source product. Most operations require a Llama Ventures team account (tokens are minted by the team admin at /settings/tokens). The one exception is the public pitch family.

Install

npm i -g @llamaventures/cli    # Node 18+; also puts `llama-mcp` on your PATH
llama --version
llama auth status              # round-trips against /api/me

Related MCP server: Small Business MCP Server

Authenticate

Credentials are tried in this order, on every call:

#

Source

Best for

1

llama auth login (OAuth, OS keychain, auto-refresh)

Recommended for everyone

2

gcloud auth print-identity-token

Machines already wired with gcloud

3

$LLAMA_TOKEN env var

CI, sandboxed cloud agents

4

~/.llama/token (mode 0600)

Long-lived PATs

5

~/.llama-command/config.json

v0.1 legacy — auto-migrates

llama auth login          # browser sign-in; tokens auto-refresh, survive reboots
llama auth logout         # revokes server-side, clears local storage
llama token set llc_…     # PAT from /settings/tokens — validated before it lands on disk
llama auth status         # shows the resolved identity + active method

No account? Ask your Llama Ventures contact — any email address can be granted a token.

Integrate your AI system

This package is the supported integration surface for Llama Command. Wire in-house agents and LLM apps through here — not the raw HTTP API: the CLI/MCP layer owns the auth chain, the stable Error[…] contract, and forward-compatibility (SemVer); raw API routes carry no such promise.

  1. Credentialsllama auth login, or a PAT via llama token set / $LLAMA_TOKEN for headless systems.

  2. Installnpm i -g @llamaventures/cli.

  3. Wire it in — MCP-native agents point at llama-mcp (per-client config); anything else shells out to llama ….

  4. Onboard the agent — run llama agent-onboard (or the MCP agent_briefing prompt) at session start. It returns the server-owned Agent Runtime Contract, always in sync with the live server.

  5. Verifyllama auth status, then llama deal search "<anything>".

CLI

The CLI is the canonical interface — it handles auth, error formatting, and schema forward-compatibility. Prefer it even from scripts.

llama deal search "acme ai"            # find deals (deal list takes the same filters)
llama deal show <dealId>
llama deal feed <dealId>               # every contribution, newest first
llama activity new-deals --since 24h   # recent deal creations
llama activity updated-deals --since 7d # meaningful updates grouped by deal
llama deal create "Acme AI" --source alex --deal-owner owner@llamaventures.vc --source-direction Outbound --status Interested
llama deal fact add <dealId> --category funding --claim "Raised a seed round" --source "deck p3" --source-url https://...
llama deal update <dealId> status Diligence
llama post <dealId> "note body"
llama brief add-text <dealId> --heading "..." --body "..."
llama wiki search "<query>"
llama wiki save <slug> --title "..." --content "..."
llama mentions
llama agent-onboard                    # server-owned agent workflow contract

Status vocabulary — Interested: tracked before any contact · Outreached: contacted, no response yet · Sourced: real relationship signal exists. sourceDirection is separate: Inbound came to the firm, Outbound we reached out first.

Facts use claim for the fact text. source is a readable provenance label and sourceUrl is the canonical evidence URL; both round-trip from the API. For deal owners, use an exact /api/field-options dealOwner value, a user email, or a numeric user id.

Run llama --help for the group index, llama help all for the full reference (100+ commands). Deletes are soft and audit-logged everywhere.

Error codes

Prefix

Meaning

Recovery

Error[NO_AUTH]

No credentials found

llama auth login or llama token set

Error[UNAUTHORIZED]

Server rejected the credentials

Token revoked / expired / wrong account

The MCP server returns the same prefixes inside isError: true content. Authenticated calls send bounded, content-redacted telemetry to Command; llama eval good|bad --last turns real searches into eval feedback.

MCP server

llama-mcp is a stdio Model Context Protocol server exposing 59 typed tools that mirror the most-used CLI surface. Every tool is named and scoped — there is deliberately no generic API passthrough. Auth is identical to the CLI's chain. For the exact live list, pipe tools/list through it:

printf '%s\n' \
  '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2024-11-05","capabilities":{},"clientInfo":{"name":"dev","version":"1"}}}' \
  '{"jsonrpc":"2.0","method":"notifications/initialized"}' \
  '{"jsonrpc":"2.0","id":2,"method":"tools/list"}' \
  | llama-mcp

~/Library/Application Support/Claude/claude_desktop_config.json (macOS):

{ "mcpServers": { "llama": { "command": "llama-mcp" } } }
claude mcp add llama -- llama-mcp

Point the client at the llama-mcp binary (which llama-mcp). Same JSON shape as above; no protocol extensions, no transport flags.

New agent? llama agent-onboard (CLI) or the agent_briefing prompt (MCP) pulls the server-owned workflow contract. The bundled AGENT_BRIEFING.md is a fallback copy only.

External pitch — no Llama account required

Founders, EAs, and prospective hires can pitch without a token: the pitch commands (and pitch_* MCP tools) talk to our public intake agent — the same structured 12-dimension intake as the web version, driven from your terminal or your own AI agent.

llama pitch start --name "Jane Doe" --email "jane@acme.ai"
llama pitch say "We're building an AI dev tool for X..."
llama pitch upload ./deck.pdf
llama pitch                     # interactive REPL

Server-enforced rate limits apply (per-IP, per-email, per-session).

Stability

  • SemVer. Renaming/removing a command → major; new tool/command/flag → minor; fixes → patch.

  • Public contract: the wire format (Bearer / X-Llama-Token) and the Error[…] prefixes don't change inside a major version.

  • No raw-API passthrough, by design. If a wrapper you need hasn't landed, open an issue instead of calling the HTTP API directly.

Security

  • Published via npm Trusted Publishers (OIDC) with --provenance — no npm token exists to leak.

  • Zero runtime deps for the CLI; the MCP server depends only on @modelcontextprotocol/sdk, pinned exact.

  • Branch protection, Dependabot, secret scanning, push protection enabled.

  • Tokens: ~/.llama/token mode 0600 locally; sha256 hashes server-side.

Report vulnerabilities privately via GitHub security advisories — not public issues. See SECURITY.md.

Contributing

Internal tool maintained by Llama Ventures; team PRs welcome — see CONTRIBUTING.md. External: issues for doc gaps and broken flows are welcome; to get your company in front of us, use the pitch path.

License

MIT — © 2026 Llama Ventures, Inc.

A
license - permissive license
-
quality - not tested
A
maintenance

Maintenance

Maintainers
Response time
1dRelease cycle
33Releases (12mo)
Commit activity

Resources

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Llama-Ventures/llama-cli'

If you have feedback or need assistance with the MCP directory API, please join our Discord server