Was this page helpful?
The complete reference of every tool Zephex provides. Each tool is available immediately when your API key is active.
The proxy routes each call by tool name to the right backend. Add or remove tools without changing your editor config.
Zephex provides 10 tools through a single MCP endpoint. Your AI agent discovers them via tools/listand calls them as needed. No configuration per tool — they're all available on every plan.
| Category | Tools | What they do |
|---|---|---|
| Project | get_project_context, scope_task | Understand projects and plan changes |
| Code | read_code, find_code, explain_architecture | Read, search, and map codebases |
| Packages | check_package, audit_package | Verify safety and plan upgrades |
| External | audit_headers, Zephex_dev_info | Audit URLs and access expert knowledge |
| Reasoning | keep_thinking | Structured debugging and planning |
get_project_context
Understands your entire project in one call — framework, package manager, scripts, dependencies, entry points, env vars, and monorepo structure.
When to use:
read_code
AST-based surgical code extraction. Three modes: symbol (extract by name), file (batch read), outline (structural TOC). Returns signatures and bodies at a fraction of full-file tokens.
When to use:
find_code
BM25-ranked code search with AST-aware context. Supports literal, regex, and boolean queries. Returns ranked results with full function/class bodies.
When to use:
explain_architecture
End-to-end architecture analysis with Mermaid diagrams. Detects entry points, auth flow, data flow, service boundaries, external services, and anti-patterns.
When to use:
scope_task
Give it a plain-English task, get back the minimal file set needed. Returns focus files with roles, reusable utilities, callers at risk, and a suggested approach.
When to use:
check_package
Live registry lookup for any package: version status, supply-chain attack signals, typosquat detection, maintainer changes, weekly downloads, and license.
When to use:
audit_package
Deep package analysis: breaking changes between versions, CVE list with CVSS scores, migration steps, real code diffs, deprecated APIs, and peer-dep conflicts.
When to use:
audit_headers
Wire-level audit of deployed URLs: security headers, SSL/TLS certificates, redirect chains, and cookie flags. Returns an A+ to F grade with fix snippets for your stack.
When to use:
Zephex_dev_info
Expert developer knowledge base covering database schemas, security patterns, frontend/backend best practices, authentication flows, and deployment guides.
When to use:
keep_thinking
Persistent reasoning sessions that track hypotheses, observations, and conclusions. Prevents circular debugging, detects endless loops, and anchors to the original goal.
When to use:
The real power is in combinations. A typical productive session:
See Tool Workflows for detailed examples of multi-tool sessions.