by glifxyz
Easily run glif.app AI workflows inside your LLM: image generators, memes, selfies, and more. Glif supports all major multimedia AI models inside one app
# Add to your Claude Code skills
git clone https://github.com/glifxyz/glif-mcp-serverGuides for using mcp servers skills like glif-mcp-server.
Last scanned: 5/30/2026
{
"issues": [
{
"type": "npm-audit",
"message": "@hono/node-server: @hono/node-server has authorization bypass for protected static paths via encoded slashes in Serve Static Middleware",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@modelcontextprotocol/sdk: @modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse",
"severity": "high"
},
{
"type": "npm-audit",
"message": "ajv: ajv has ReDoS when using `$data` option",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "fast-uri: fast-uri vulnerable to path traversal via percent-encoded dot segments",
"severity": "high"
},
{
"type": "npm-audit",
"message": "hono: Hono JWK Auth Middleware has JWT algorithm confusion when JWK lacks \"alg\" (untrusted header.alg fallback)",
"severity": "high"
},
{
"type": "npm-audit",
"message": "path-to-regexp: path-to-regexp vulnerable to Denial of Service via sequential optional groups",
"severity": "high"
},
{
"type": "npm-audit",
"message": "picomatch: Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching",
"severity": "high"
},
{
"type": "npm-audit",
"message": "postcss: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "qs: qs's arrayLimit bypass in comma parsing allows denial of service",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "rollup: Rollup 4 has Arbitrary File Write via Path Traversal",
"severity": "high"
},
{
"type": "npm-audit",
"message": "vite: Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling",
"severity": "high"
}
],
"status": "WARNING",
"scannedAt": "2026-05-30T16:16:41.731Z",
"npmAuditRan": true,
"pipAuditRan": true
}glif-mcp-server is an open-source mcp servers skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by glifxyz. Easily run glif.app AI workflows inside your LLM: image generators, memes, selfies, and more. Glif supports all major multimedia AI models inside one app. It has 173 GitHub stars.
glif-mcp-server returned warnings in SkillsLLM's automated security scan. It has no critical vulnerabilities, but review the flagged issues in the Security Report section before adding it to your workflow.
Clone the repository with "git clone https://github.com/glifxyz/glif-mcp-server" and add it to your Claude Code skills directory (see the Installation section above).
glif-mcp-server is primarily written in TypeScript. It is open-source under glifxyz on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other MCP Servers skills you can browse and compare side by side. Open the MCP Servers category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh glif-mcp-server against similar tools.
No comments yet. Be the first to share your thoughts!
Top skills in this category by stars
Requires a passing catalog security scan. Resolve the flagged issues and resubmit to enable featuring.
MCP server for running AI workflows from glif.app.
For more info check out https://glif.app or join our Discord server: https://discord.gg/glif
If you have nodejs installed, you can run our @glifxyz/glif-mcp-server package via npx:
Get your API token from https://glif.app/settings/api-tokens
Add the server in your Claude Desktop config file. On macOS this is: ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"glif": {
"command": "npx",
"args": ["-y", "@glifxyz/glif-mcp-server@latest"],
"env": {
"GLIF_API_TOKEN": "your-token-here"
}
}
}
}
git clone https://github.com/glifxyz/glif-mcp-server
cd glif-mcp-server
npm install
npm run build
Then configure your MCP client:
{
"mcpServers": {
"glif": {
"command": "node",
"args": ["/path/to/glif-mcp/build/index.js"],
"env": {
"GLIF_API_TOKEN": "your-token-here"
}
}
}
}
You can also specify workflow IDs (comma-separated) which will be loaded automatically:
{
"mcpServers": {
"glif": {
"command": "node",
"args": ["/path/to/glif-mcp/build/index.js"],
"env": {
"GLIF_API_TOKEN": "your-token-here",
"GLIF_IDS": "cm2v9aiga00008vfqdiximl2m,cm2v98jk6000r11afslqvooil"
}
}
}
}
Environment variables:
GLIF_API_TOKEN - Required. Your API token from https://glif.app/settings/api-tokensGLIF_IDS - Optional. Comma-separated workflow IDs to load as tools automaticallyIGNORE_DISCOVERY_TOOLS - Set to true to disable discovery toolsAGENT_TOOLS - Set to true to enable agent toolsrun_workflow - Run a workflow with the specified ID and inputsworkflow_info - Get detailed information about a workflowlist_featured_workflows - Get a curated list of featured workflowssearch_workflows - Search for workflows by name or descriptionmy_workflows - Get a list of your workflowsmy_user_info - Get detailed information about your accountAGENT_TOOLS=true)list_agents - Get a list of agents with optional filteringload_agent - Load an agent and get its details including personality and workflowsglif://{id} - Get workflow metadataglifRun://{id} - Get run detailsglifUser://{id} - Get user profilenpm install
npm run build
npm run dev # auto-rebuild
npm run test # run tests
npm run inspector
package.json and src/index.ts and bump the versionnpm install to update lockfilenpm run release (requires gh CLI)MIT - see LICENSE