llama-mcp
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@llama-mcplist my active deals"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Public source for low-friction install — not an open-source product. Most operations require a Llama Ventures team account (tokens are minted by the team admin at
/settings/tokens). The one exception is the publicpitchfamily.
Install
npm i -g @llamaventures/cli # Node 18+; also puts `llama-mcp` on your PATH
llama --version
llama auth status # round-trips against /api/meRelated MCP server: Small Business MCP Server
Authenticate
Credentials are tried in this order, on every call:
# | Source | Best for |
1 |
| Recommended for everyone |
2 |
| Machines already wired with gcloud |
3 |
| CI, sandboxed cloud agents |
4 |
| Long-lived PATs |
5 |
| v0.1 legacy — auto-migrates |
llama auth login # browser sign-in; tokens auto-refresh, survive reboots
llama auth logout # revokes server-side, clears local storage
llama token set llc_… # PAT from /settings/tokens — validated before it lands on disk
llama auth status # shows the resolved identity + active methodNo account? Ask your Llama Ventures contact — any email address can be granted a token.
Integrate your AI system
This package is the supported integration surface for Llama Command. Wire
in-house agents and LLM apps through here — not the raw HTTP API: the
CLI/MCP layer owns the auth chain, the stable Error[…] contract, and
forward-compatibility (SemVer); raw API routes carry no such
promise.
Credentials —
llama auth login, or a PAT viallama token set/$LLAMA_TOKENfor headless systems.Install —
npm i -g @llamaventures/cli.Wire it in — MCP-native agents point at
llama-mcp(per-client config); anything else shells out tollama ….Onboard the agent — run
llama agent-onboard(or the MCPagent_briefingprompt) at session start. It returns the server-owned Agent Runtime Contract, always in sync with the live server.Verify —
llama auth status, thenllama deal search "<anything>".
CLI
The CLI is the canonical interface — it handles auth, error formatting, and schema forward-compatibility. Prefer it even from scripts.
llama deal search "acme ai" # find deals (deal list takes the same filters)
llama deal show <dealId>
llama deal feed <dealId> # every contribution, newest first
llama activity new-deals --since 24h # recent deal creations
llama activity updated-deals --since 7d # meaningful updates grouped by deal
llama deal create "Acme AI" --source alex --deal-owner owner@llamaventures.vc --source-direction Outbound --status Interested
llama deal fact add <dealId> --category funding --claim "Raised a seed round" --source "deck p3" --source-url https://...
llama deal update <dealId> status Diligence
llama post <dealId> "note body"
llama brief add-text <dealId> --heading "..." --body "..."
llama wiki search "<query>"
llama wiki save <slug> --title "..." --content "..."
llama mentions
llama agent-onboard # server-owned agent workflow contractStatus vocabulary — Interested: tracked before any contact ·
Outreached: contacted, no response yet · Sourced: real relationship
signal exists. sourceDirection is separate: Inbound came to the firm,
Outbound we reached out first.
Facts use claim for the fact text. source is a readable provenance label
and sourceUrl is the canonical evidence URL; both round-trip from the API.
For deal owners, use an exact /api/field-options dealOwner value, a user
email, or a numeric user id.
Run llama --help for the group index, llama help all for the full
reference (100+ commands). Deletes are soft and audit-logged everywhere.
Error codes
Prefix | Meaning | Recovery |
| No credentials found |
|
| Server rejected the credentials | Token revoked / expired / wrong account |
The MCP server returns the same prefixes inside isError: true content.
Authenticated calls send bounded, content-redacted telemetry to Command;
llama eval good|bad --last turns real searches into eval feedback.
MCP server
llama-mcp is a stdio Model Context Protocol server exposing 59 typed tools
that mirror the most-used CLI surface. Every tool is named and scoped — there
is deliberately no generic API passthrough. Auth is identical to the CLI's
chain. For the exact live list, pipe tools/list through it:
printf '%s\n' \
'{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2024-11-05","capabilities":{},"clientInfo":{"name":"dev","version":"1"}}}' \
'{"jsonrpc":"2.0","method":"notifications/initialized"}' \
'{"jsonrpc":"2.0","id":2,"method":"tools/list"}' \
| llama-mcp~/Library/Application Support/Claude/claude_desktop_config.json (macOS):
{ "mcpServers": { "llama": { "command": "llama-mcp" } } }claude mcp add llama -- llama-mcpPoint the client at the llama-mcp binary (which llama-mcp). Same JSON
shape as above; no protocol extensions, no transport flags.
New agent?
llama agent-onboard(CLI) or theagent_briefingprompt (MCP) pulls the server-owned workflow contract. The bundledAGENT_BRIEFING.mdis a fallback copy only.
External pitch — no Llama account required
Founders, EAs, and prospective hires can pitch without a token: the pitch
commands (and pitch_* MCP tools) talk to our public intake agent — the same
structured 12-dimension intake as the
web version, driven from
your terminal or your own AI agent.
llama pitch start --name "Jane Doe" --email "jane@acme.ai"
llama pitch say "We're building an AI dev tool for X..."
llama pitch upload ./deck.pdf
llama pitch # interactive REPLServer-enforced rate limits apply (per-IP, per-email, per-session).
Stability
SemVer. Renaming/removing a command → major; new tool/command/flag → minor; fixes → patch.
Public contract: the wire format (Bearer / X-Llama-Token) and the
Error[…]prefixes don't change inside a major version.No raw-API passthrough, by design. If a wrapper you need hasn't landed, open an issue instead of calling the HTTP API directly.
Security
Published via npm Trusted Publishers (OIDC) with
--provenance— no npm token exists to leak.Zero runtime deps for the CLI; the MCP server depends only on
@modelcontextprotocol/sdk, pinned exact.Branch protection, Dependabot, secret scanning, push protection enabled.
Tokens:
~/.llama/tokenmode0600locally; sha256 hashes server-side.
Report vulnerabilities privately via
GitHub security advisories
— not public issues. See SECURITY.md.
Contributing
Internal tool maintained by Llama Ventures; team PRs welcome — see
CONTRIBUTING.md. External: issues for doc gaps and broken
flows are welcome; to get your company in front of us, use the
pitch path.
License
MIT — © 2026 Llama Ventures, Inc.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/Llama-Ventures/llama-cli'
If you have feedback or need assistance with the MCP directory API, please join our Discord server