Give your AI agent access to any API in ~1,000 tokens.
Most MCP servers flood your context window with hundreds of tool definitions. codemode gives your AI two tools instead: search and execute, built on Cloudflare's Code Mode pattern. Your AI writes code to search API docs and make calls. That's it.
56 APIs out of the box. GitHub, Stripe, OpenAI, Slack, Notion, Discord, and 50 more.
Your AI agent → "find the endpoint to create a repo"
→ search() → AI writes JS to query the API spec → returns matching endpoints
Your AI agent → "create a repo called my-project"
→ execute() → AI writes JS to call the API → your server proxies the request → returns result
Traditional MCP servers expose hundreds of tools per API. A single large API can eat 500K+ tokens just for tool definitions, which is more than most context windows.
codemode exposes 2 tools total, regardless of API size. The AI figures out the rest by writing code against a searchable spec.
| Traditional MCP | codemode | |
|---|---|---|
| Tools per API | 100-500+ | 2 |
| Tokens used | 100K-1M+ | ~1,000 |
| Adding a new API | Build a new MCP server | Point at an OpenAPI spec |
Add to your MCP config:
Claude Code (~/.claude/mcp.json):
{
"servers": {
"github": {
"url": "https://cm.dee.ad/mcp?api_id=github",
"headers": { "x-api-key": "your_github_token" }
}
}
}Cursor → Settings → MCP → Add server → paste the URL.
OpenClaw → Add to your MCP config with the same URL + header.
Your AI now has full GitHub API access. Ask it anything.
npm install -g universal-codemode-mcp
# Run with any supported API
universal-codemode-mcp serve --spec githubAdd to Claude Code as a local server:
{
"servers": {
"github": {
"command": "universal-codemode-mcp",
"args": ["serve", "--spec", "github"],
"env": { "UCMCP_AUTH_VALUE": "your_github_token" }
}
}
}Tier 1 — Core
| API | Endpoints | Auth |
|---|---|---|
| GitHub | 15 | Bearer |
| Stripe | 12 | Bearer |
| OpenAI | 12 | Bearer |
| Anthropic | 10 | x-api-key |
| Google (Gmail, Calendar, Drive, Sheets) | 40 | OAuth2 |
| Slack | 10 | Bearer |
| Discord | 10 | Bot token |
| Notion | 10 | Bearer |
| Twilio | 10 | Basic |
| SendGrid | 10 | Bearer |
| AWS (S3, Lambda, DynamoDB) | 30 | SigV4 |
| Cloudflare | 10 | Bearer |
| Vercel | 10 | Bearer |
| Supabase | 10 | Bearer |
| Firebase | 10 | OAuth2 |
Tier 2 — Popular
| API | Endpoints | Auth |
|---|---|---|
| Shopify | 10 | Access Token |
| HubSpot | 10 | Bearer |
| Salesforce | 10 | OAuth2 |
| Jira | 10 | Basic/OAuth2 |
| Linear | 10 | Bearer |
| Airtable | 10 | Bearer |
| Figma | 10 | Bearer |
| Spotify | 10 | Bearer |
| X (Twitter) | 10 | Bearer |
| 10 | OAuth2 | |
| YouTube | 10 | API key |
| Telegram | 10 | Bot token |
Tier 3 — Developer Tools
| API | Endpoints | Auth |
|---|---|---|
| Docker Hub | 10 | Bearer |
| npm Registry | 10 | Bearer |
| PyPI | 10 | None |
| Postman | 10 | API key |
| Sentry | 10 | Bearer |
| Datadog | 10 | API key |
| PagerDuty | 10 | Token |
| Grafana | 10 | Bearer |
| MongoDB Atlas | 10 | Digest |
| Elasticsearch | 10 | Basic |
Tier 4 — Services
| API | Endpoints | Auth |
|---|---|---|
| OpenWeatherMap | 10 | API key |
| NewsAPI | 10 | API key |
| CoinGecko | 10 | None/API key |
| Alpha Vantage | 10 | API key |
| Unsplash | 10 | Client-ID |
| Giphy | 10 | API key |
| Mapbox | 10 | Token |
| Google Maps | 10 | API key |
| Calendly | 10 | Bearer |
| Zoom | 10 | Bearer |
| Intercom | 10 | Bearer |
| Zendesk | 10 | Basic |
| Mailchimp | 10 | API key |
| ConvertKit | 10 | Bearer |
Deploy to Cloudflare Workers (free tier handles 100K requests/day):
# Clone
git clone https://github.com/deeflect/universal-codemode.git
cd codemode
# Install
npm install
# Setup Cloudflare resources
wrangler login
wrangler kv namespace create SPEC_CACHE # copy ID to wrangler.jsonc
wrangler r2 bucket create codemode-specs
wrangler secret put ADMIN_TOKEN # set your admin password
# Deploy
npm run deploy
# Seed all 56 APIs
npm run seed-catalogYour server is live at https://your-worker.workers.dev/mcp?api_id=<api>.
Have an OpenAPI spec? Register it:
curl -X POST https://your-server/register \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"apiId": "my-api",
"sourceUrl": "https://example.com/openapi.json",
"baseUrl": "https://api.example.com",
"allowedHosts": ["api.example.com"],
"auth": { "headerName": "authorization", "prefix": "Bearer " }
}'Supports JSON and YAML specs. Auto-resolves $refs. Specs refresh weekly via cron.
Your API keys never touch our servers. You pass credentials via the x-api-key header on each MCP request. The server injects them into the outbound API call and drops them immediately. Nothing is stored.
User → x-api-key: sk_live_xxx → codemode server → Authorization: Bearer sk_live_xxx → Stripe API
┌─────────────────────────────────────────────┐
│ AI Agent (Claude, Cursor, Codex, OpenClaw) │
│ Gets 2 tools: search() + execute() │
└──────────────┬──────────────────────────────┘
│ MCP (JSON-RPC)
┌──────────────▼──────────────────────────────┐
│ codemode server (Cloudflare Worker) │
│ │
│ search(code) │
│ → Sandbox (no network) │
│ → Runs user code against preprocessed spec │
│ → Returns matching endpoints/schemas │
│ │
│ execute(code) │
│ → Sandbox (restricted network) │
│ → Runs user code with api.request() │
│ → GlobalOutbound: host allowlist + auth │
│ → Returns API response │
│ │
│ Spec storage: R2 + KV │
│ Weekly auto-refresh via cron │
└─────────────────────────────────────────────┘
Powered by @cloudflare/codemode — the official Code Mode SDK. Built on Cloudflare's Code Mode pattern and their Agents SDK + MCP server. The Cloudflare team did the hard work of figuring out this approach and open-sourcing it.
Made by Dee.
MIT. Do whatever you want with it.