BuyAPI CLI + MCP Server

Unbiased vendor intelligence for AI coding agents.

BuyAPI helps AI agents and developers make informed infrastructure decisions. When your agent needs to pick a database, auth provider, hosting platform, payment processor, email provider, or UI component system, BuyAPI provides current, structured, neutral vendor comparisons - not training data defaults.

Quick Start

Remote MCP (Recommended)

The hosted endpoint is the primary install path and exposes the current seven-tool contract.

Add to your MCP client config:

{
  "mcpServers": {
    "buyapi": {
      "url": "https://buyapi.ai/api/mcp"
    }
  }
}

This is the easiest path: the client connects directly to BuyAPI over HTTP, with no local process and no npm install.

CLI Setup

Run setup to install BuyAPI into your agent:

npx buyapi

Bare npx buyapi opens an interactive setup flow. It asks which coding agent you use, installs the hosted MCP config by default, can add the /stack planning skill where supported, and can log you in for higher limits and stack sync.

Or target a client directly:

npx buyapi setup cursor
npx buyapi setup claude-code
npx buyapi setup codex
npx buyapi setup windsurf
npx buyapi setup cline

By default setup writes the hosted MCP URL. Use --local when a client needs a local stdio process:

npx buyapi setup codex --local

Claude Code and Codex can also install the /stack planning workflow:

npx buyapi setup claude-code --skill
npx buyapi setup-skill codex

/stack inspects the local repo, asks for missing constraints, calls BuyAPI MCP for current vendor data, and returns a sourced Stack Decision Record. It does not sync scan data unless you explicitly ask it to.

If you use the CLI often and do not want to type npx, install it globally:

npm install -g buyapi
buyapi scan

In an MCP client config, use the explicit mcp command. The client launches it as a local stdio server; you do not run it manually first:

{
  "mcpServers": {
    "buyapi": {
      "command": "npx",
      "args": ["-y", "buyapi", "mcp"]
    }
  }
}

Use the local path when an agent client does not support remote MCP URLs, or when you want the open-source local transport. Hosted MCP is still the recommended default. The older buyapi-mcp package is deprecated on npm so new users see one canonical package name.

Stack Scan And Sync

The CLI has a stack scanner. Plain scan prints a local preview first, then asks whether to save the private stack when the terminal is interactive:

npx buyapi scan

Run it from the app, package, or monorepo root that contains project signals such as package.json, a lockfile, framework config, convex/, prisma/, Python manifests, or source imports. You can also point it at a public GitHub repo URL:

npx buyapi scan https://github.com/owner/repo

If no project signals are found, the CLI prints wrong-folder guidance instead of silently returning an empty stack. Sync also skips stacks with zero known BuyAPI tools unless you pass --allow-empty.

Use --verbose to see evidence and unknown package candidates found in package.json:

npx buyapi scan --verbose

For a guaranteed no-upload preview, use --dry-run. To save a private stack without prompts in automation, login once, then sync:

npx buyapi login
npx buyapi scan --sync --yes

Detection uses BuyAPI's own registry of manifest, marker-file, env-key, config-content, import, framework, and language signals. Unknown runtime packages are kept as candidates so the public tool register can learn about new AI-native tools without copying third-party detection tables. Routine dev/build tooling is filtered out before it reaches the review queue.

buyapi login opens the browser, signs in through the dashboard, creates a CLI API key, and stores it locally. You can still pass an existing key with buyapi login ba_live_... or use BUYAPI_API_KEY in CI. buyapi whoami --quiet exits 0 when a key is active and 1 when it is not. Sync uploads known detected tools plus filtered unknown package names, versions, and evidence so BuyAPI can review emerging tools. It does not upload source code, source file contents, or environment values.

scan is a human-facing CLI command, not an MCP tool. The MCP server should stay quiet on stdout because stdout carries the MCP protocol.

Read-Only CLI

The local package can query BuyAPI without starting an MCP client:

npx buyapi search "realtime database with preview environments" --category database
npx buyapi details /database/convex
npx buyapi compare /database/convex /database/supabase --query "realtime SaaS"
npx buyapi recommend "B2B AI SaaS with teams and usage billing" --users 1000
npx buyapi cost /email/ses --emails 50000

Use --json on read-only commands to print the raw structured response.

When To Use BuyAPI

Use BuyAPI when the question is a vendor or stack decision:

Should I use Convex, Supabase, or Neon for a realtime B2B SaaS?

Estimate the email cost for 50,000 transactional sends/month.

What auth provider should I use for organizations, SSO later, and a generous free tier?

Use implementation docs tools such as Context7 after the decision is made and the agent needs exact APIs, code examples, or version-specific setup steps.

Tips For Better Answers

• Use BuyAPI vendor IDs when you know them, e.g. /database/convex, /database/supabase, /hosting/vercel.
• Include workload numbers when asking about cost: users, monthly active users, email sends, storage, bandwidth, or monthly orders.
• Include constraints that matter: solo founder, B2B SaaS, HIPAA/SOC2 later, no credit card free tier, preview environments, realtime collaboration, or low lock-in.
• Ask for alternatives when you want tradeoffs, not just a single recommendation.

Common launch-corpus IDs:

/database/convex
/database/supabase
/database/neon
/auth/clerk
/hosting/vercel
/payments/stripe
/email/resend
/ui-components/shadcn-ui

Available Tools

vendors.resolve

Search for vendors by query. Category is optional. Returns matching vendors with pricing summaries, positioning, confidence, and explicit unknown-corpus fallbacks.

Query: "I need a database for a real-time collaborative app"
Category: "database"

-> Returns: Convex, Supabase, Neon, PlanetScale, Firebase with comparison metadata

vendors.details

Get detailed vendor profile: concrete pricing numbers, free tier limits, scaling characteristics, known gotchas, source provenance, and head-to-head comparisons.

Vendor ID: /database/supabase
Query: "free tier limits for a side project"

-> Returns: Full pricing tiers, 500MB DB limit, 50K auth users, scaling triggers, and sources

vendors.evidence

Fetch recent reviewed evidence rows for a vendor, category, stack, or comparison.

Subject type: "vendor"
Subject ID: /database/supabase

-> Returns: Evidence summaries with source URLs, stance, confidence, and observed dates

stacks.findSimilar

Find public stack profiles related to a vendor, or recent curated stack examples.

Vendor ID: /database/convex

-> Returns: Similar stack profiles with project summary, audience, stage, tools, and confidence

vendors.compare

Compare two or more specific vendors for a workload or decision.

Vendor IDs: ["/database/convex", "/database/supabase", "/database/neon"]
Query: "realtime TypeScript SaaS with preview environments"

-> Returns: Structured decision matrix with fit, capability-by-capability yes/no/unknown coverage, tradeoffs, estimated cost, confidence, and sources

vendors.estimateCost

Run deterministic cost estimates from explicit workload inputs instead of leaving math to the model.

Vendor IDs: ["/email/ses"]
Workload: { "emailSendsPerMonth": 50000 }

-> Returns: Amazon SES estimated at $5/month, basis, assumptions, unknowns, and sources

stacks.recommend

Describe your project and get a complete stack recommendation with cost projections, a decision matrix, assumptions, unknowns, alternatives, and sources.

Use this for stack/vendor/tool decisions, not local implementation questions like CSS layout, TypeScript compiler errors, or framework API usage.

Project: "SaaS for restaurant inventory with real-time updates"
Constraints: "Solo founder, under $50/month until 1000 users"
Stack context: [{ "vendorSlug": "/database/convex", "category": "database", "confidence": "high" }]

-> Returns: Full stack (hosting + DB + auth + payments + email) with structured cost and decision data

Setup by Client

{
  "mcpServers": {
    "buyapi": {
      "url": "https://buyapi.ai/api/mcp"
    }
  }
}

{
  "mcpServers": {
    "buyapi": {
      "url": "https://buyapi.ai/api/mcp"
    }
  }
}

{
  "servers": {
    "buyapi": {
      "url": "https://buyapi.ai/api/mcp"
    }
  }
}

{
  "mcpServers": {
    "buyapi": {
      "url": "https://buyapi.ai/api/mcp"
    }
  }
}

{
  "mcpServers": {
    "buyapi": {
      "command": "npx",
      "args": ["-y", "buyapi", "mcp"]
    }
  }
}

API Keys

BuyAPI currently works without an API key at the anonymous rate limit. Signed-in users can create dashboard API keys for keyed access, usage analytics, and stack sync.

The local package reads either BUYAPI_API_KEY or the key stored by buyapi login:

{
  "mcpServers": {
    "buyapi": {
      "url": "https://buyapi.ai/api/mcp",
      "env": {
        "BUYAPI_API_KEY": "ba_live_..."
      }
    }
  }
}

CLI Reference

buyapi                             # Show setup guidance
buyapi setup <client>              # Install MCP config for an agent
buyapi setup <client> --skill      # Install MCP config and the /stack skill
buyapi setup-skill <client>        # Install the /stack skill only
buyapi mcp                         # Run the local MCP server over stdio
buyapi login                       # Browser login and local key storage
buyapi login <api-key>             # Store an existing API key
buyapi logout                      # Remove the stored API key
buyapi whoami                      # Verify the active local key
buyapi whoami --quiet              # Auth check for scripts
buyapi scan [dir]                  # Scan locally, then optionally save stack
buyapi scan https://github.com/x/y  # Scan a public GitHub repo
buyapi scan --sync --yes           # Save detected tools without prompts
buyapi search <query>              # Search vendors
buyapi details <vendorId>          # Fetch one vendor profile
buyapi compare <ids...>            # Compare vendors
buyapi recommend <prompt>          # Recommend a stack
buyapi cost <ids...>               # Estimate cost from workload flags
buyapi --version                   # Print the CLI version

Common flags:

--category <name>       Limit search/cost to a category
--query <text>          Add workload or decision context
--client <name>         Setup target: claude-code, cursor, codex, windsurf, cline
--local                 Write local stdio MCP config during setup
--skill                 Also install the /stack planning skill during setup
--print                 Print setup config instead of writing it
--name <text>           Stack name for scan sync
--stack-name <text>     Alias for --name
--stack <slug>          Stable stack slug/name to update
--summary <text>        Stack notes for scan sync
--sync                  Save scan output to your dashboard
--dry-run               Preview scan output without uploading
--verbose               Include scanner evidence details
--all                   Include lower-confidence supporting detections
--allow-empty           Save even when no known tools were detected
--force                 Alias for --allow-empty
--yes                   Skip sync confirmation prompt
--users <n>             Monthly active users
--emails <n>            Email sends per month
--orders <n>            Monthly orders
--json                  Print raw structured JSON

Covered Categories

How It Works

This MCP server is a thin TypeScript client that calls the BuyAPI backend API. It contains no vendor data; lightweight comparison and cost formatting mirrors the hosted endpoint while vendor intelligence is served from buyapi.ai.

The source is fully open so you can verify there's no prompt injection or hidden behavior. scan previews locally first and only uploads after explicit confirmation or --sync; --dry-run never uploads. Sync sends detected tool metadata, derived stack context, checked file names, repo URL metadata when provided, and filtered unknown package candidates for review. It does not send source code or environment values.

Data Transparency

• All vendor data is publicly viewable at buyapi.ai
• Every profile shows when it was last updated and data source
• BuyAPI does not accept payment from vendors for ranking influence
• Inaccurate-data reporting, suggested edits, reviews, and vendor-claim requests exist behind moderation; vendor self-service editing is not live.

Troubleshooting

• If your MCP client supports remote MCP URLs, use https://buyapi.ai/api/mcp first.
• If remote MCP is not supported, configure the local stdio server with command: "npx" and args: ["-y", "buyapi", "mcp"].
• Do not add banners or prompts to the stdio server command; stdout is reserved for MCP protocol messages.
• If anonymous rate limits are hit, create an API key in the BuyAPI dashboard and pass it as BUYAPI_API_KEY where your client supports environment variables.
• If a tool or vendor is missing, ask BuyAPI anyway. Unknown requests are treated as demand signals for future corpus expansion.

Disclaimer

BuyAPI profiles combine first-party sources, manual review, public evidence, and structured estimates. Vendor data can become stale or incomplete, especially pricing and limits. Use BuyAPI as a decision-support layer, verify critical production commitments directly with the vendor, and report outdated facts through the website when the reporting flow is available.

License

MIT