# Add to your Claude Code skills
git clone https://github.com/disruption-hub/payloadcmsmcpGuides for using mcp servers skills like payloadcmsmcp.
Last scanned: 5/30/2026
{
"issues": [
{
"type": "npm-audit",
"message": "@tootallnate/once: @tootallnate/once vulnerable to Incorrect Control Flow Scoping",
"severity": "low"
},
{
"type": "npm-audit",
"message": "@vercel/fun: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@vercel/gatsby-plugin-vercel-builder: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@vercel/hydrogen: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@vercel/node: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@vercel/redwood: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@vercel/remix-builder: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@vercel/static-build: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@vercel/static-config: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "ajv: ajv has ReDoS when using `$data` option",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "esbuild: esbuild enables any website to send any requests to the development server and read the response",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "path-to-regexp: path-to-regexp outputs backtracking regular expressions",
"severity": "high"
},
{
"type": "npm-audit",
"message": "tar: node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal",
"severity": "high"
},
{
"type": "npm-audit",
"message": "undici: Use of Insufficiently Random Values in undici",
"severity": "high"
},
{
"type": "npm-audit",
"message": "vercel: Vulnerability found",
"severity": "high"
}
],
"status": "WARNING",
"scannedAt": "2026-05-30T16:32:11.342Z",
"npmAuditRan": true,
"pipAuditRan": true
}payloadcmsmcp is an open-source mcp servers skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by disruption-hub. Payload CMS MCP Server. It has 116 GitHub stars.
payloadcmsmcp returned warnings in SkillsLLM's automated security scan. It has no critical vulnerabilities, but review the flagged issues in the Security Report section before adding it to your workflow.
Clone the repository with "git clone https://github.com/disruption-hub/payloadcmsmcp" and add it to your Claude Code skills directory (see the Installation section above).
payloadcmsmcp is primarily written in HTML. It is open-source under disruption-hub on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other MCP Servers skills you can browse and compare side by side. Open the MCP Servers category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh payloadcmsmcp against similar tools.
No comments yet. Be the first to share your thoughts!
Top skills in this category by stars
Requires a passing catalog security scan. Resolve the flagged issues and resubmit to enable featuring.
The Payload CMS 3.0 MCP Server is a specialized Model Context Protocol server designed to enhance your Payload CMS development experience. It helps developers build better Payload CMS applications by providing code validation, template generation, and project scaffolding capabilities that follow best practices.
validate - Validate code for collections, fields, globals, and configquery - Query validation rules and best practicesmcp_query - Execute SQL-like queries for Payload CMS structuresgenerate_template - Generate code templates for various componentsgenerate_collection - Create complete collection definitionsgenerate_field - Generate field definitions with proper typingscaffold_project - Create entire Payload CMS project structuresvalidate_scaffold_options - Ensure scaffold options follow best practices (used internally by scaffold_project)validateValidates Payload CMS code for syntax and best practices.
Parameters:
code (string): The code to validatefileType (enum): Type of file - "collection", "field", "global", or "config"Example Prompt:
Can you validate this Payload CMS collection code?
```typescript
export const Posts = {
slug: 'posts',
fields: [
{
name: 'title',
type: 'text',
required: true,
},
{
name: 'content',
type: 'richText',
}
],
admin: {
useAsTitle: 'title',
}
}
queryQueries validation rules and best practices for Payload CMS.
Parameters:
query (string): The query stringfileType (optional enum): Type of file - "collection", "field", "global", or "config"Example Prompt:
What are the best practices for implementing access control in Payload CMS collections?
mcp_queryExecutes SQL-like queries against Payload CMS structures.
Parameters:
sql (string): SQL-like query stringExample Prompt:
Can you execute this query to find all valid field types in Payload CMS?
SELECT field_types FROM payload_schema WHERE version = '3.0'
generate_templateGenerates code templates for various Payload CMS components.
Parameters:
templateType (enum): Type of template - "collection", "field", "global", "config", "access-control", "hook", "endpoint", "plugin", "block", "migration"options (record): Configuration options for the templateExample Prompt:
Generate a template for a Payload CMS hook that logs when a document is created.
generate_collectionGenerates a complete Payload CMS collection definition.
Parameters:
slug (string): Collection slugfields (optional array): Array of field objectsauth (optional boolean): Whether this is an auth collectiontimestamps (optional boolean): Whether to include timestampsadmin (optional object): Admin panel configurationhooks (optional boolean): Whether to include hooksaccess (optional boolean): Whether to include access controlversions (optional boolean): Whether to enable versioningExample Prompt:
Generate a Payload CMS collection for a blog with title, content, author, and published date fields. Include timestamps and versioning.
generate_fieldGenerates a Payload CMS field definition.
Parameters:
name (string): Field nametype (string): Field typerequired (optional boolean): Whether the field is requiredunique (optional boolean): Whether the field should be uniquelocalized (optional boolean): Whether the field should be localizedaccess (optional boolean): Whether to include access controladmin (optional object): Admin panel configurationvalidation (optional boolean): Whether to include validationdefaultValue (optional any): Default value for the fieldExample Prompt:
Generate a Payload CMS image field with validation that requires alt text and has a description in the admin panel.
scaffold_projectScaffolds a complete Payload CMS project structure.
Parameters:
projectName (string): Name of the projectdescription (optional string): Project descriptionserverUrl (optional string): Server URLdatabase (optional enum): Database type - "mongodb" or "postgres"auth (optional boolean): Whether to include authenticationadmin (optional object): Admin panel configurationcollections (optional array): Array of collection objectsglobals (optional array): Array of global objectsblocks (optional array): Array of block objectsplugins (optional array): Array of plugin stringstypescript (optional boolean): Whether to use TypeScriptExample Prompt:
Scaffold a Payload CMS project called "blog-platform" with MongoDB, authentication, and collections for posts, categories, and users. Include a global for site settings.
Before you begin, make sure you have:
To use with Cursor IDE:
railway run --service=YOUR_SERVICE_IDOnce configured, you can use these tools in your AI prompts:
A typical workflow with the Payload CMS MCP Server:
Here's a complete example of how you might use the MCP server in a conversation:
User: I need to create a Payload CMS collection for a product catalog.
AI: I'll help you create a product catalog collection. Let me generate a template for you.
[Uses generate_collection tool]
Here's a collection template for your product catalog:
```typescript
import { CollectionConfig } from 'payload/types';
export const Products: CollectionConfig = {
slug: 'products',
admin: {
useAsTitle: 'name',
defaultColumns: ['name', 'price', 'category', 'inStock'],
group: 'Shop',
},
access: {
read: () => true,
},
fields: [
{
name: 'name',
type: 'text',
required: true,
},
{
name: 'description',
type: 'richText',
},
{
name: 'price',
type: 'number',
required: true,
},
{
name: 'category',
type: 'relationship',
relationTo: 'categories',
required: true,
},
{
name: 'images',
type: 'array',
fields: [
{
name: 'image',
type: 'upload',
relationTo: 'media',
required: true,
},
{
name: 'altText',
type: 'text',
required: true,
}
]
},
{
name: 'inStock',
type: 'checkbox',
defaultValue: true,
},
],
timestamps: true,
}
User: Can you validate this code to make sure it follows best practices?
AI: I'll validate the code for you.
[Uses validate tool]
The validation results show that your code is valid and follows best practices. Here are a few suggestions: