Installation
Slash commands — complete reference
Zephex Mode 2 REPL: type / for 37 scrollable commands (116 unique slashes when you filter — 44 zoom filters + 37 more). Same 10 hosted MCP tools as Cursor — answer cards in plain English, no agent required. Every command below has when-to-use, output, example, and argv equivalent.
Craft: starred rows are start-here (/overview, /find, /test, /safe, /supply…). Output is an answer card when the tool returns structured data — not a chat essay. Local shell: mcpcli then /. Web: dashboard terminal.
Also read: CLI commands (argv) · Mode 2 overview · Test Pulse · Plain-English tools · Plans & quota
30-second start
curl -fsSL https://zephex.dev/install.sh | bashcd your-appmcpcli/login/overview/find auth/test/failuresHow the palette works
- Run
mcpcliinside a project folder (or use zephex.dev/cli in the browser). - Type
/— header shows/ commands · 10 tools · 37 cmds. - ↑↓ highlights a row; Tab fills; Enter runs. Type more to filter (e.g.
/auth). - Saying a command name in Voice Mode navigates only — say run or go to execute.
Keyboard
| Key | Action |
|---|---|
/ | Open palette (37 commands on empty filter) |
↑ ↓ | Move highlight |
PgUp PgDn | Jump ~8 rows |
Tab | Fill highlighted command into input line |
Enter | Run filled command |
Esc | Close palette / cancel |
F8 | Voice Mode push-to-talk |
All 105 slash aliases
Typing these after / resolves to the canonical slash (from SLASH_ALIASES in the CLI). Includes typos like /grep → /find and argv habits like /get-context → /context.
| You type | Resolves to |
|---|---|
/arch | /architecture |
/auditpkg | /migrate |
/batch | /files |
/blast_radius | /blast |
/blast-radius | /blast |
/brief | /brief |
/briefing | /brief |
/broken | /site |
/caller | /who |
/callers | /who |
/chain | /supply |
/check_package | /package |
/check_test | /test |
/check-package | /package |
/check-test | /test |
/check-url | /check-url |
/cli | /terminal |
/cli-guide | /cli-guide |
/cliguide | /cli-guide |
/compass | /compass |
/count | /find |
/coverage | /test-coverage |
/css | /styling |
/dead-code | /dead |
/deadcode | /dead |
/debug-think | /reason |
/dependencies | /deps |
/diff | /changes |
/disconnect | /disconnect |
/doctor | /doctor |
/everywhere | /everywhere |
/failed | /failures |
/failures | /failures |
/file | /files |
/find_code | /find |
/find-code | /find |
/fix-prompt | /test-fix |
/fixme | /todos |
/flaky | /test-flaky |
/get_context | /context |
/get_project_context | /context |
/get-context | /context |
/get-project-context | /context |
/grep | /find |
/header-audit | /check-url |
/headers | /check-url |
/health | /summary |
/install | /setup |
/layout | /structure |
/locate | /paste |
/menu | /terminal |
/over | /overview |
/paste | /paste |
/pkg | /package |
/plan | /plan |
/pulse | /site |
/reconnect | /reconnect |
/rename | /rename |
/repair | /repair |
/run | /setup |
/scan_web | /web |
/scan-web | /web |
/scope_task | /scope |
/scope-task | /scope |
/search | /search |
/security | /auth |
/shadow-audit | /shadow-audit |
/shadow-diff | /shadow-diff |
/shadow-last | /shadow-last |
/sign-in | /login |
/sign-out | /logout |
/signin | /login |
/signout | /logout |
/site-history | /site-history |
/site-last | /site-last |
/site-tech | /site-tech |
/start | /setup |
/stats | /stats |
/summary | /summary |
/sup | /supply |
/supabase | /supabase |
/supply-history | /supply-history |
/supply-keys | /supply-keys |
/supply-last | /supply-last |
/supply-repo | /supply-repo |
/tech | /site-tech |
/tech-debt | /todos |
/test-coverage | /test-coverage |
/test-dry | /test-dry |
/test-failures | /failures |
/test-fix | /test-fix |
/test-flaky | /test-flaky |
/test-health | /summary |
/test-history | /test-history |
/test-last | /test-last |
/test-learn | /test-learn |
/test-list | /test-list |
/test-status | /summary |
/test-summary | /summary |
/testing | /setup |
/tree | /structure |
/usages | /usages |
/vs | /compare |
/website | /web |
/website_overview | /web |
Quota & credits
One successful hosted MCP tool call = one request on your plan (usage limits). Failed runs do not bill.
/failures, /summary, /test-last, /test-coverage, /test-list— 0 when cached check_test session exists (30m TTL)/test-dry, /compare, /site, /shadow, /history, /again— 0 — local only, no MCP round-trip/help, /clear, /doctor, /usage, /learn, /compass, /terminal— 0 — meta / disk reads/test, /find, /safe, /read, /deps— ~5 per successful MCP call/context, /architecture, /auth, /framework, …— ~7 per successful get_project_context slice/check-url, /audit— ~6 — audit_headers MCP/think, /reason, /remember, /recall— ~4 per successful call/docs— ~2 — Zephex_dev_info KB lookup/overview, /web— ~7–10 bundled orchestration (web terminal)
All 37 palette commands (table)
| Slash | Runs | MCP tool | What it does | Credits |
|---|---|---|---|---|
/overview ★ | overview | — | Best first command — story, stack, run; filter /structure /setup /stats | 0 |
/web ★ | web example.com | — | Live site intel — stack, headers, secrets; filter /site /check-url /shadow | 0 |
/architecture ★ | architecture | explain_architecture | explain_architecture — wiring map; how pieces connect before you edit | ~7 |
/context | get-context | get_project_context | get_project_context — one-call brief; filter /auth /database /deploy /framework | ~7 |
/test ★ | check test | check_test | check_test — runs your suite and reports failures; filter /failures /summary /test-fix | ~5 |
/failures ★ | check test failures | check_test | Opens the last run — every failure, broken files, and what to try next (0 credits) | ~5 |
/summary ★ | check test status | check_test | Health dashboard from cached session — coverage and blind spots, no re-run | ~5 |
/test-fix ★ | check test fix-prompt --copy | check_test | When tests fail — copy a fix prompt and paste into your agent | ~5 |
/find ★ | find auth | find_code | find_code — ripgrep across repo; filter /defs /usages /rename /paste /everywhere | ~5 |
/read ★ | read src/index.ts | read_code | read_code — plain-English file brief; filter /symbol /who /files /scan | ~5 |
/supply ★ | supply https://example.com | — | Wide security scan — filter /supply-site /supply-audit /secrets | 0 |
/safe ★ | safe react | check_package | check_package — CVEs & maintainer risk; filter /upgrade /migrate /compare | ~5 |
/deps ★ | deps | check_package | check_package — every direct dep in package.json; filter /package for one pkg | ~5 |
/doctor ★ | doctor | — | Node, network, API key, editor configs | 0 |
/changes | changes | — | Diff summary — what changed locally | 0 |
/env-check | env-check | — | Required env vars and .env gaps | 0 |
/routes | routes | — | API endpoints and route map | 0 |
/todos | todos | — | FIXME / tech-debt scan | 0 |
/think ★ | think "debug this bug" | keep_thinking | keep_thinking — agent reasoning scaffold; filter /reason /debug-think | ~4 |
/memory ★ | memory list | project_memory | project_memory — list/recall/remember; filter /remember /recall | ~4 |
/ask | ask "where is login" | — | Natural-language router — when you do not know which tool | 0 |
/learn ★ | learn | — | All 10 MCP tools — commands, examples, when to skip; type /learn find_code | 0 |
/usage | usage | — | Quota used / limit | 0 |
/help | help | — | All /commands + 10 MCP tools — same tools in Cursor via npx zephex setup | 0 |
/connect | connect | — | npx zephex setup for Cursor / VS Code | 0 |
/cli-guide | cli-guide | — | Mode 2 walkthrough — no AI agent | 0 |
/compass | compass | — | Find the right command for any phrase | 0 |
/terminal | terminal | — | Full command list — Mode 2 | 0 |
/status | status | — | Editor MCP install sanity check | 0 |
/login | login | — | Browser sign-in or paste API key | 0 |
/clear | clear | — | Clear the terminal | 0 |
/repair | repair | — | Fix broken MCP editor config | 0 |
/reconnect | reconnect | — | Revoke key + fresh editor setup | 0 |
/disconnect | disconnect --cursor | — | Remove Zephex from an editor | 0 |
/init | init --terminal | — | First-run terminal wizard | 0 |
/keys | keys | — | Billing keys | 0 |
/logout | logout | — | Disconnect zephex.dev credentials | 0 |
Per-command reference
Same order as the live REPL palette — scroll matches your terminal.
/overview ★ — Overview
Runs: overview · 0 quota (local/meta)
Best first command — story, stack, run; filter /structure /setup /stats
When: First command on any repo — before find, read, or test.
You get: Product story, language bars, repo size, install/run commands, numbered next steps.
Example: /overview
Same without slash: mcpcli overview
Filter into: /structure /setup /stats /readme /brief
Tip: Costs ~7 internal context calls bundled into one billed command on web terminal.
/web ★ — Website Overview
Runs: web example.com · 0 quota (local/meta)
Live site intel — stack, headers, secrets; filter /site /check-url /shadow
When: You have a live URL (staging or prod) and want stack + security intel fast.
You get: Hosted scan: framework guess, headers, exposed secrets in JS, tech decode.
Example: /web zephex.dev
Same without slash: mcpcli web zephex.dev
Filter into: /site /check-url /shadow /site-tech /secrets
Tip: Replace example.com in the fill line with your domain before Enter.
/architecture ★ — Architecture
Runs: architecture · MCP: explain_architecture · ~~7 req on success
explain_architecture — wiring map; how pieces connect before you edit
When: Before cross-cutting edits — auth, billing, API wiring, deploy path.
You get: Entry points, request flows, external services, Mermaid-style wiring map.
Example: /architecture --focus auth
Same without slash: mcpcli architecture --focus auth
Tip: Run after /overview when the repo is unfamiliar.
/context — Full brief
Runs: get-context · MCP: get_project_context · ~~7 req on success
get_project_context — one-call brief; filter /auth /database /deploy /framework
When: You need the full technical brief: stack, scripts, env, monorepo, integrations.
You get: get_project_context snapshot — same data agents see, formatted for humans.
Example: /context
Same without slash: mcpcli get-context
Filter into: /auth /database /deploy /framework /backend /frontend /monorepo /integrations /scripts /quick /supabase /styling
/test ★ — Run tests
Runs: check test · MCP: check_test · ~~5 req on success
check_test — runs your suite and reports failures; filter /failures /summary /test-fix
When: After code changes — run the real test suite and get structured failures.
You get: Runner detection, pass/fail counts, failure clusters, fix_first suggestions.
Example: /test
Same without slash: mcpcli check test
Filter into: /test-coverage /test-list /test-last /test-flaky /test-dry /scope /plan
Tip: See Test Pulse docs for full subcommand list.
/failures ★ — Test failures
Runs: check test failures · MCP: check_test · ~~5 req on success
Opens the last run — every failure, broken files, and what to try next (0 credits)
When: Tests just failed — drill into every failure without re-running the suite.
You get: Last run: broken files, error messages, pattern clusters, what to try next.
Example: /failures
Same without slash: mcpcli check test failures
Tip: 0 extra credits when reading cached session (30m TTL).
/summary ★ — Test health
Runs: check test status · MCP: check_test · ~~5 req on success
Health dashboard from cached session — coverage and blind spots, no re-run
When: Health check without re-running — coverage gaps, blind spots, file-level status.
You get: Dashboard from cached check_test session: coverage by area, risky files.
Example: /summary
Same without slash: mcpcli check test status
Tip: 0 credits on cached session.
/test-fix ★ — Test fix prompt
Runs: check test fix-prompt --copy · MCP: check_test · ~~5 req on success
When tests fail — copy a fix prompt and paste into your agent
When: You want a copy-paste prompt for Cursor/Claude to fix failing tests.
You get: AI fix prompt built from last failure run — use --copy to clipboard.
Example: /test-fix
Same without slash: mcpcli check test fix-prompt --copy
/find ★ — Find code
Runs: find auth · MCP: find_code · ~~5 req on success
find_code — ripgrep across repo; filter /defs /usages /rename /paste /everywhere
When: You know what to search for (symbol, string, env var) but not which file.
You get: Ranked ripgrep hits with paths, line numbers, optional AST context.
Example: /find "auth middleware"
Same without slash: mcpcli find-code "auth middleware"
Filter into: /defs /usages /rename /everywhere /paste /where /search
/read ★ — Read file
Runs: read src/index.ts · MCP: read_code · ~~5 req on success
read_code — plain-English file brief; filter /symbol /who /files /scan
When: You have a file path — get outline, symbol body, or plain-English summary.
You get: read_code output: TOC for large files, function bodies, batch reads.
Example: /read src/lib/auth.ts
Same without slash: mcpcli outline src/lib/auth.ts
Filter into: /symbol /outline /files /who /scan /smell /dead /blast /summarize
Tip: Use /outline on 300+ line files before /symbol.
/supply ★ — Supply Pulse
Runs: supply https://example.com · 0 quota (local/meta)
Wide security scan — filter /supply-site /supply-audit /secrets
When: Security review of a live site or GitHub repo — secrets, CVEs, deploy surface.
You get: Supply Pulse: leaked keys, outdated JS libs, chain analysis, wide scan.
Example: /supply https://zephex.dev
Same without slash: mcpcli supply https://zephex.dev
Filter into: /supply-site /supply-audit /supply-repo /supply-keys /secrets /supply-last /supply-history
/safe ★ — Is it safe?
Runs: safe react · MCP: check_package · ~~5 req on success
check_package — CVEs & maintainer risk; filter /upgrade /migrate /compare
When: Before npm install — is this package safe, maintained, CVE-free?
You get: check_package safety: version, weekly downloads, typosquat signals, CVEs.
Example: /safe express
Same without slash: mcpcli safe express
Filter into: /package /upgrade /migrate /compare
/deps ★ — All deps
Runs: deps · MCP: check_package · ~~5 req on success
check_package — every direct dep in package.json; filter /package for one pkg
When: Audit every direct dependency in package.json in one shot.
You get: Batch check_package across all direct deps — outdated, risky, abandoned.
Example: /deps
Same without slash: mcpcli deps
/doctor ★ — Doctor
Runs: doctor · 0 quota (local/meta)
Node, network, API key, editor configs
When: Something broke — MCP not connecting, wrong Node, bad API key.
You get: Node version, network reachability, ~/.zephex credentials, editor config paths.
Example: /doctor
Same without slash: mcpcli doctor
Tip: Run before editing JSON by hand.
/changes — Git changes
Runs: changes · 0 quota (local/meta)
Diff summary — what changed locally
When: Quick git diff summary before a commit or PR.
You get: What changed locally — files touched, rough scope.
Example: /changes
Same without slash: mcpcli changes
/env-check — Env check
Runs: env-check · 0 quota (local/meta)
Required env vars and .env gaps
When: Missing .env vars blocking dev — compare required vs present.
You get: Required env keys from code/config vs your .env.example gaps.
Example: /env-check
Same without slash: mcpcli env-check
/routes — Routes
Runs: routes · 0 quota (local/meta)
API endpoints and route map
When: Map API routes and HTTP handlers in the codebase.
You get: Route table: paths, methods, handler files.
Example: /routes
Same without slash: mcpcli routes
/todos — TODOs
Runs: todos · 0 quota (local/meta)
FIXME / tech-debt scan
When: Tech-debt sweep — FIXME, TODO, HACK across the repo.
You get: Aggregated TODO/FIXME markers with file paths.
Example: /todos
Same without slash: mcpcli todos
/think ★ — Think
Runs: think "debug this bug" · MCP: keep_thinking · ~~4 req on success
keep_thinking — agent reasoning scaffold; filter /reason /debug-think
When: Stuck on a bug — structured reasoning without burning agent context.
You get: One-shot keep_thinking: hypotheses, next checks, risk flags.
Example: /think "debug 401 after token refresh"
Same without slash: mcpcli think "debug 401"
Filter into: /reason /debug-think
Tip: Multi-turn sessionId flows are editor-only.
/memory ★ — Project memory
Runs: memory list · MCP: project_memory · ~~4 req on success
project_memory — list/recall/remember; filter /remember /recall
When: List or manage cross-session project facts.
You get: project_memory list — titles and ids of saved decisions/gotchas.
Example: /memory list
Same without slash: mcpcli memory list
Filter into: /remember /recall
/ask — Ask
Runs: ask "where is login" · 0 quota (local/meta)
Natural-language router — when you do not know which tool
When: Plain English — you do not know which tool to pick.
You get: Intent router → find_code, get_context, check_package, or architecture.
Example: /ask "where is login handled"
Same without slash: mcpcli ask "where is login"
/learn ★ — Learn tools
Runs: learn · 0 quota (local/meta)
All 10 MCP tools — commands, examples, when to skip; type /learn find_code
When: Forgot command names — index of all 10 MCP tools with examples.
You get: Per-tool purpose, aliases, copy-paste commands — no API call.
Example: /learn find_code
Same without slash: mcpcli learn
/usage — Usage
Runs: usage · 0 quota (local/meta)
Quota used / limit
When: Check monthly quota — how many requests left on your plan.
You get: Used / limit for current billing month.
Example: /usage
Same without slash: mcpcli usage
Tip: 0 credits — local dashboard API read.
/help — Help
Runs: help · 0 quota (local/meta)
All /commands + 10 MCP tools — same tools in Cursor via npx zephex setup
When: Full command reference in the terminal.
You get: Account commands, slash quick ref, editor setup pointers.
Example: /help
Same without slash: mcpcli help
/connect — Editor setup
Runs: connect · 0 quota (local/meta)
npx zephex setup for Cursor / VS Code
When: Wire Zephex MCP into Cursor, VS Code, Claude Code, etc.
You get: Launches npx zephex setup flow — browser OAuth → API key → editor JSON.
Example: /connect
Same without slash: mcpcli connect --cursor
/cli-guide — CLI guide
Runs: cli-guide · 0 quota (local/meta)
Mode 2 walkthrough — no AI agent
When: Mode 2 walkthrough by topic — project scenarios, auth, monorepo.
You get: Deep guide pages in terminal (no MCP call).
Example: /cli-guide project
Same without slash: mcpcli cli-guide
/compass — Command compass
Runs: compass · 0 quota (local/meta)
Find the right command for any phrase
When: Typo or question typed as a command — get copy-paste fixes.
You get: Command Compass menu: Did you mean + runnable picks (TTY).
Example: /compass "where is my database"
Same without slash: mcpcli compass "where is database"
/terminal — Terminal menu
Runs: terminal · 0 quota (local/meta)
Full command list — Mode 2
When: Re-open the full terminal command menu.
You get: Same as help terminal — every Mode 2 alias.
Example: /terminal
Same without slash: mcpcli help terminal
/status — Status
Runs: status · 0 quota (local/meta)
Editor MCP install sanity check
When: Verify Zephex is installed in each editor config.
You get: Per-editor MCP reachability from disk configs.
Example: /status
Same without slash: mcpcli status
/login — Sign in
Runs: login · 0 quota (local/meta)
Browser sign-in or paste API key
When: Sign in or paste API key in terminal-only mode.
You get: Browser OAuth to zephex.dev/cli/auth or credential paste.
Example: /login
Same without slash: mcpcli setup
/clear — Clear
Runs: clear · 0 quota (local/meta)
Clear the terminal
When: Clear terminal scrollback.
You get: Clears screen — local only.
Example: /clear
Same without slash: clear
/repair — Repair
Runs: repair · 0 quota (local/meta)
Fix broken MCP editor config
When: Editor shows empty tools/list — stale npx pin in mcp.json.
You get: Rewrites broken stdio entries to zephex@latest across editor configs.
Example: /repair
Same without slash: mcpcli repair
/reconnect — Reconnect
Runs: reconnect · 0 quota (local/meta)
Revoke key + fresh editor setup
When: Fresh API key + re-setup one editor.
You get: disconnect --quiet + setup with editor flag.
Example: /reconnect --cursor
Same without slash: mcpcli reconnect --cursor
/disconnect — Disconnect
Runs: disconnect --cursor · 0 quota (local/meta)
Remove Zephex from an editor
When: Remove Zephex from an editor and revoke key server-side.
You get: Strips MCP block from editor JSON; revokes key in dashboard.
Example: /disconnect --cursor
Same without slash: mcpcli disconnect --cursor
/init — Init
Runs: init --terminal · 0 quota (local/meta)
First-run terminal wizard
When: First run on a new machine — wizard with prereq checks.
You get: Browser sign-in, ~/.zephex credentials, optional editor setup.
Example: /init --terminal
Same without slash: mcpcli init --terminal
/keys — API keys
Runs: keys · 0 quota (local/meta)
Billing keys
When: See masked API keys and usage without opening the browser.
You get: Key prefixes, per-key usage, link to dashboard.
Example: /keys
Same without slash: mcpcli keys
/logout — Sign out
Runs: logout · 0 quota (local/meta)
Disconnect zephex.dev credentials
When: Sign out of terminal credentials only (~/.zephex).
You get: Deletes local credentials; does not remove editor MCP configs unless --all.
Example: /logout
Same without slash: mcpcli logout
Grouped palette
Learn the repo (3)
/overview★ — Product story, stack bars, how to run/architecture★ — Entry points, auth flow, APIs/context— Stack, deps, scripts, integrations
Live scans (2)
Local CLI (24)
/test★ — Full suite — every file, failures + why clusters/failures★ — What broke + pattern clusters — 0 credits/summary★ — Coverage, files, blind spots — 0 credits/test-fix★ — AI fix prompt from last run/safe★ — Before npm install — CVEs + risk/deps★ — Scan direct dependencies in package.json/doctor★ — Node, network, API key, editor configs/changes— Diff summary — what changed locally/env-check— Required env vars and .env gaps/routes— API endpoints and route map/todos— FIXME / tech-debt scan/think★ — Structured multi-step reasoning/ask— Routes to find, context, or package/learn★ — What each MCP tool does — no API call/cli-guide— Mode 2 walkthrough — no AI agent/compass— Find the right command for any phrase/terminal— Full command list — Mode 2/status— Editor MCP install sanity check/login— Browser sign-in or paste API key/repair— Fix broken MCP editor config/reconnect— Revoke key + fresh editor setup/disconnect— Remove Zephex from an editor/init— First-run terminal wizard/logout— Disconnect zephex.dev credentials
Search (1)
/find★ — Search symbols, strings, usages
Read (1)
/read★ — Plain-English summary — paste any file path
Terminal (3)
Test Pulse (/test family)
Full guide: Test Pulse · subcommands
/test # run full suite (~5 credits)/failures # last run failures (0 if cached)/summary # health dashboard (0 if cached)/test-fix # copy AI fix prompt to clipboard/test-coverage # per-file coverage table/test-list # all test files + pass/fail counts/test-dry # show detected runner — 0 credits/scope-task "add auth" # map task → files to touchget_project_context filters
Type after / to zoom without full /context. Each costs ~7 requests on success — same MCP tool, narrower topic.
/framework /backend /frontend /database /auth /deploy/monorepo /integrations /scripts /quick /supabase /stylingFilter commands (44)
Not shown on bare / — type them to zoom in. Parent command in parentheses.
| Slash | Runs | MCP tool | What it does | Credits |
|---|---|---|---|---|
/structure | structure | get_project_context | Folders, packages, monorepo — under /overview | ~7 |
/setup | setup | get_project_context | Install + run commands — under /overview | ~7 |
/stats | stats | — | Layout snapshot — overview covers most of this | 0 |
/summarize | summarize src/big.ts | read_code | Alias for /read — batch up to 8 files | ~5 |
/who | who validateToken | read_code | Call sites + blast radius — under /read | ~5 |
/readme | read README.md | read_code | Plain-English README — same as /read | ~5 |
/safe | safe react | check_package | Before npm install — CVEs + risk | ~5 |
/deps | deps | check_package | Scan every direct dependency in package.json | ~5 |
/upgrade | upgrade react | check_package | Stack-aware upgrade path | ~5 |
/migrate | migrate prisma | check_package | Breaking changes + migration path | ~5 |
/compare | compare lodash ramda | — | Side-by-side two packages | 0 |
/defs | defs handleAuth | find_code | Where a symbol is defined | ~5 |
/usages | usages handleAuth | find_code | Every call site — or use /who | ~5 |
/rename | rename MyApp | find_code | Every file:line before a rename | ~5 |
/everywhere | everywhere | find_code | Exhaustive rename scan — pass a symbol after | ~5 |
/paste | paste | find_code | Snippet search — paste ≥8 chars after | ~5 |
/where | paste | find_code | Alias for /paste | ~5 |
/search | find auth | find_code | Alias for /find | ~5 |
/symbol | symbol handleAuth | read_code | Function body by name | ~5 |
/outline | outline src/index.ts | read_code | Structural TOC of a large file | ~5 |
/files | files src/index.ts | read_code | Batch-read 1–20 files | ~5 |
/scan | scan TODO,FIXME | read_code | TODO/FIXME across files | ~5 |
/smell | smell src/index.ts | read_code | Bug-pattern pass before you edit | ~5 |
/dead | dead | read_code | Exports nothing calls | ~5 |
/blast | blast validateToken | read_code | Full caller impact — or /who --blast | ~5 |
/site | site example.com | — | Fast local HTTP probe — /web is the full scan | 0 |
/check-url | check url https://example.com --deep | audit_headers | Headers A–F + secrets (add --deep for API keys in JS) | ~6 |
/audit | check url https://example.com | audit_headers | Alias for /check-url | ~6 |
/supply-site | supply site https://example.com | — | Secrets in live JS only | 0 |
/supply-audit | supply audit owner/repo | — | GitHub + live site cross-ref | 0 |
/shadow | shadow | — | Hidden API surface — under /web | 0 |
/shadow-audit | shadow audit owner/repo | — | Hidden API on repo or live URL | 0 |
/shadow-diff | shadow diff | — | Diff last vs previous shadow scan | 0 |
/shadow-last | shadow last | — | Replay last shadow scan session | 0 |
/secrets | secrets https://example.com | — | Supply — secrets phase only | 0 |
/reason | reason "why auth fails" | keep_thinking | Hypothesis-style reasoning — under /think | ~4 |
/debug-think | debug-think "trace this 401" | keep_thinking | Debug-preset reasoning — under /think | ~4 |
/docs | docs "Stripe webhooks" | Zephex_dev_info | Expert implementation KB lookup | ~2 |
/framework | framework | get_project_context | Language, framework, runtime | ~7 |
/auth | auth | get_project_context | Login, sessions, providers | ~7 |
/database | database | get_project_context | ORM, provider, migrations | ~7 |
/deploy | deploy | get_project_context | Hosting, CI, ship path | ~7 |
/backend | backend | get_project_context | API routes and server code | ~7 |
/frontend | frontend | get_project_context | UI framework and entry files | ~7 |
Filter reference (by group)
Learn the repo
/structure — Structure
Runs: structure · MCP: get_project_context · ~~7 req on success
Folders, packages, monorepo — under /overview
When: Monorepo layout, folder tree, package boundaries.
You get: Structural slice of get_project_context — under /overview.
Example: /structure
Same without slash: mcpcli structure
/setup — Setup
Runs: setup · MCP: get_project_context · ~~7 req on success
Install + run commands — under /overview
When: How to install and run this project locally.
You get: Install + dev/test/build commands in plain English.
Example: /setup
Same without slash: mcpcli setup
/stats — Stats
Runs: stats · 0 quota (local/meta)
Layout snapshot — overview covers most of this
When: Quick layout snapshot without full /overview bundle.
You get: File counts, top-level folders, rough size — local meta.
Example: /stats
Same without slash: mcpcli stats
Tip: /overview is richer; use stats when you only need counts.
/readme — README
Runs: read README.md · MCP: read_code · ~~5 req on success
Plain-English README — same as /read
When: Onboarding — plain-English README before diving into src/.
You get: read_code summary of README.md — setup steps in human language.
Example: /readme
Same without slash: mcpcli read README.md
Read
/summarize — Summarize
Runs: summarize src/big.ts · MCP: read_code · ~~5 req on success
Alias for /read — batch up to 8 files
When: Batch-read up to 8 files in one call — PR review or incident triage.
You get: Plain-English summary per file — cheaper than opening each in an editor.
Example: /summarize src/a.ts src/b.ts
Same without slash: mcpcli summarize src/a.ts src/b.ts
/who — Who calls
Runs: who validateToken · MCP: read_code · ~~5 req on success
Call sites + blast radius — under /read
When: Before changing a function — who calls it and how far impact spreads.
You get: Call graph slice: direct callers, import sites, optional blast radius.
Example: /who validateToken
Same without slash: mcpcli who validateToken
Tip: Use /blast for full impact tree.
/symbol — Read symbol
Runs: symbol handleAuth · MCP: read_code · ~~5 req on success
Function body by name
When: You know the symbol name — need the function body without reading the whole file.
You get: AST-extracted signature + body from read_code.
Example: /symbol handleAuth
Same without slash: mcpcli symbol handleAuth
/outline — Outline
Runs: outline src/index.ts · MCP: read_code · ~~5 req on success
Structural TOC of a large file
When: Any file over ~300 lines — get TOC before /symbol.
You get: Structural outline: exports, classes, functions with line anchors.
Example: /outline src/lib/auth.ts
Same without slash: mcpcli outline src/lib/auth.ts
/files — Read files
Runs: files src/index.ts · MCP: read_code · ~~5 req on success
Batch-read 1–20 files
When: Batch-read 1–20 paths — compare handlers or config files side by side.
You get: read_code file mode with optional line pagination.
Example: /files src/middleware.ts src/routes.ts
Same without slash: mcpcli files src/middleware.ts
/scan — Scan keywords
Runs: scan TODO,FIXME · MCP: read_code · ~~5 req on success
TODO/FIXME across files
When: Hunt TODO/FIXME/HACK markers across the tree.
You get: Keyword scan with file:line hits — lighter than /todos for custom tags.
Example: /scan TODO,FIXME
Same without slash: mcpcli scan TODO,FIXME
/smell — Code smell
Runs: smell src/index.ts · MCP: read_code · ~~5 req on success
Bug-pattern pass before you edit
When: Pre-edit sanity check on one file — common bug patterns.
You get: Heuristic pass: nested ternaries, missing awaits, suspicious casts.
Example: /smell src/api/handler.ts
Same without slash: mcpcli smell src/api/handler.ts
/dead — Dead code
Runs: dead · MCP: read_code · ~~5 req on success
Exports nothing calls
When: Cleanup pass — find exports nothing imports.
You get: Dead export candidates with confidence notes.
Example: /dead
Same without slash: mcpcli dead
/blast — Blast radius
Runs: blast validateToken · MCP: read_code · ~~5 req on success
Full caller impact — or /who --blast
When: Large refactor — full caller impact for a symbol.
You get: Transitive blast radius beyond /who direct callers.
Example: /blast validateToken
Same without slash: mcpcli blast validateToken
Deep dives
/safe — Is it safe?
Runs: safe react · MCP: check_package · ~~5 req on success
Before npm install — CVEs + risk
When: Before npm install — is this package safe, maintained, CVE-free?
You get: check_package safety: version, weekly downloads, typosquat signals, CVEs.
Example: /safe express
Same without slash: mcpcli safe express
Filter into: /package /upgrade /migrate /compare
/deps — All deps
Runs: deps · MCP: check_package · ~~5 req on success
Scan every direct dependency in package.json
When: Audit every direct dependency in package.json in one shot.
You get: Batch check_package across all direct deps — outdated, risky, abandoned.
Example: /deps
Same without slash: mcpcli deps
/upgrade — Upgrade
Runs: upgrade react · MCP: check_package · ~~5 req on success
Stack-aware upgrade path
When: Stack-aware upgrade path for one npm package.
You get: check_package upgrade task — breaking changes, migration steps.
Example: /upgrade react
Same without slash: mcpcli upgrade react
/migrate — Migrate pkg
Runs: migrate prisma · MCP: check_package · ~~5 req on success
Breaking changes + migration path
When: Major version bump — need breaking changes and migration checklist.
You get: check_package migrate task — changelog signals + upgrade steps.
Example: /migrate prisma
Same without slash: mcpcli migrate prisma
/compare — Compare
Runs: compare lodash ramda · 0 quota (local/meta)
Side-by-side two packages
When: Choosing between two npm packages — lodash vs ramda, zod vs yup.
You get: Side-by-side: size, maintenance, CVEs, API surface (local, 0 MCP).
Example: /compare lodash ramda
Same without slash: mcpcli compare lodash ramda
/framework — Stack
Runs: framework · MCP: get_project_context · ~~7 req on success
Language, framework, runtime
When: What stack is this? Language, framework, runtime, package manager.
You get: get_project_context framework topic slice.
Example: /framework
Same without slash: mcpcli get-context framework
/auth — Auth
Runs: auth · MCP: get_project_context · ~~7 req on success
Login, sessions, providers
When: Zoom into auth layer only — providers, session, middleware files.
You get: get_project_context auth topic slice.
Example: /auth
Same without slash: mcpcli get-context auth
/database — Database
Runs: database · MCP: get_project_context · ~~7 req on success
ORM, provider, migrations
When: Find ORM, connection string, migration layout.
You get: get_project_context database topic slice.
Example: /database
Same without slash: mcpcli get-context database
/deploy — Deploy
Runs: deploy · MCP: get_project_context · ~~7 req on success
Hosting, CI, ship path
When: How does this ship — Vercel, Render, Docker, CI workflow files.
You get: get_project_context deploy topic slice.
Example: /deploy
Same without slash: mcpcli get-context deploy
/backend — Backend
Runs: backend · MCP: get_project_context · ~~7 req on success
API routes and server code
When: Server-side entry points — API routes, workers, server actions.
You get: get_project_context backend topic slice.
Example: /backend
Same without slash: mcpcli get-context backend
/frontend — Frontend
Runs: frontend · MCP: get_project_context · ~~7 req on success
UI framework and entry files
When: UI layer — React/Vue/Svelte entry, routing, component roots.
You get: get_project_context frontend topic slice.
Example: /frontend
Same without slash: mcpcli get-context frontend
Search
/defs — Definitions
Runs: defs handleAuth · MCP: find_code · ~~5 req on success
Where a symbol is defined
When: Where is this symbol defined?
You get: find_code definition search.
Example: /defs handleAuth
Same without slash: mcpcli defs handleAuth
/usages — Usages
Runs: usages handleAuth · MCP: find_code · ~~5 req on success
Every call site — or use /who
When: Every call site before a refactor.
You get: find_code usage search across repo.
Example: /usages validateToken
Same without slash: mcpcli usages validateToken
/rename — Rename scan
Runs: rename MyApp · MCP: find_code · ~~5 req on success
Every file:line before a rename
When: Before renaming a type, component, or env var — list every occurrence.
You get: file:line hits suitable for a safe rename PR.
Example: /rename MyApp
Same without slash: mcpcli rename MyApp
/everywhere — Everywhere
Runs: everywhere · MCP: find_code · ~~5 req on success
Exhaustive rename scan — pass a symbol after
When: Exhaustive symbol hunt — stricter than /rename for rare symbols.
You get: All matches across repo including strings and comments.
Example: /everywhere SESSION_COOKIE
Same without slash: mcpcli everywhere SESSION_COOKIE
/paste — Paste search
Runs: paste · MCP: find_code · ~~5 req on success
Snippet search — paste ≥8 chars after
When: You have a code snippet (≥8 chars) copied from a stack trace.
You get: Snippet search — finds unique substring locations.
Example: /paste "export async function handler"
Same without slash: mcpcli paste "export async function"
/where — Where snippet
Runs: paste · MCP: find_code · ~~5 req on success
Alias for /paste
When: Alias for /paste — natural language habit.
You get: Same as /paste snippet search.
Example: /where "createClient("
Same without slash: mcpcli paste "createClient("
/search — Search
Runs: find auth · MCP: find_code · ~~5 req on success
Alias for /find
When: Alias for /find — when you type /search out of muscle memory.
You get: find_code ranked ripgrep results.
Example: /search "rate limit"
Same without slash: mcpcli find-code "rate limit"
Live scans
/site — Site Pulse
Runs: site example.com · 0 quota (local/meta)
Fast local HTTP probe — /web is the full scan
When: Fast localhost or cloud Site Pulse — what is broken on this URL.
You get: Runtime errors, API health, page title — lighter than /web.
Example: /site localhost:3000
Same without slash: mcpcli site localhost:3000
/check-url — Header audit
Runs: check url https://example.com --deep · MCP: audit_headers · ~~6 req on success
Headers A–F + secrets (add --deep for API keys in JS)
When: Grade live TLS + security headers (HSTS, CSP, cookies).
You get: audit_headers A–F grade, fix snippets, optional --deep for JS secrets.
Example: /check-url https://zephex.dev --deep
Same without slash: mcpcli check url https://zephex.dev --deep
/audit — Audit URL
Runs: check url https://example.com · MCP: audit_headers · ~~6 req on success
Alias for /check-url
When: Alias for /check-url — header grades on a live HTTPS URL.
You get: audit_headers TLS + security header report.
Example: /audit https://zephex.dev
Same without slash: mcpcli check url https://zephex.dev
/supply-site — Supply · site
Runs: supply site https://example.com · 0 quota (local/meta)
Secrets in live JS only
When: Secrets in live JavaScript only — skip full supply wide scan.
You get: Supply Pulse site phase — exposed keys in bundled JS.
Example: /supply-site https://zephex.dev
Same without slash: mcpcli supply site https://zephex.dev
/supply-audit — Supply · audit
Runs: supply audit owner/repo · 0 quota (local/meta)
GitHub + live site cross-ref
When: Cross-reference GitHub repo with its deployed site.
You get: Supply audit — repo + live URL correlation.
Example: /supply-audit Zephex/mcp-proxy
Same without slash: mcpcli supply audit Zephex/mcp-proxy
/shadow — Shadow API
Runs: shadow · 0 quota (local/meta)
Hidden API surface — under /web
When: Hidden API routes not in OpenAPI docs.
You get: Shadow API scan — under /web family.
Example: /shadow
Same without slash: mcpcli shadow
/shadow-audit — Shadow audit
Runs: shadow audit owner/repo · 0 quota (local/meta)
Hidden API on repo or live URL
When: Hidden API routes on a repo or deployed URL.
You get: Shadow audit — undocumented endpoints and handlers.
Example: /shadow-audit owner/repo
Same without slash: mcpcli shadow audit owner/repo
/shadow-diff — Shadow diff
Runs: shadow diff · 0 quota (local/meta)
Diff last vs previous shadow scan
When: Compare last two shadow scans after a deploy.
You get: Diff new vs removed shadow routes.
Example: /shadow-diff
Same without slash: mcpcli shadow diff
/shadow-last — Shadow last
Runs: shadow last · 0 quota (local/meta)
Replay last shadow scan session
When: Replay last shadow scan session.
You get: Cached shadow API report.
Example: /shadow-last
Same without slash: mcpcli shadow last
/secrets — Secrets only
Runs: secrets https://example.com · 0 quota (local/meta)
Supply — secrets phase only
When: Only the secrets-detection phase — fastest leak check on a URL.
You get: Supply secrets phase — API keys in HTML/JS responses.
Example: /secrets https://staging.example.com
Same without slash: mcpcli secrets https://staging.example.com
Local CLI
/reason — Reason
Runs: reason "why auth fails" · MCP: keep_thinking · ~~4 req on success
Hypothesis-style reasoning — under /think
When: Hypothesis-style debugging — why might this fail?
You get: keep_thinking reason preset — ranked hypotheses + next checks.
Example: /reason "why auth fails after deploy"
Same without slash: mcpcli reason "why auth fails"
/debug-think — Debug think
Runs: debug-think "trace this 401" · MCP: keep_thinking · ~~4 req on success
Debug-preset reasoning — under /think
When: Trace a specific error — 401, timeout, flaky test.
You get: keep_thinking debug preset — step-by-step investigation plan.
Example: /debug-think "trace this 401"
Same without slash: mcpcli debug-think "trace 401"
/docs — Docs
Runs: docs "Stripe webhooks" · MCP: Zephex_dev_info · ~~2 req on success
Expert implementation KB lookup
When: Expert implementation KB — Stripe, Supabase, Next.js patterns.
You get: Zephex_dev_info lookup — not URL scraping.
Example: /docs "Stripe webhooks"
Same without slash: mcpcli docs "Stripe webhooks"
More filter slashes (37)
Not in the bare / list or the filter table above — still match when you type them (Test Pulse subcommands, supply/site history, account utilities, web-terminal /sessions).
| Slash | Runs | MCP tool | What it does | Credits |
|---|---|---|---|---|
/package | check-package express | check_package | check_package — one pkg deep-dive; filter /safe /deps /upgrade /migrate | ~5 |
/sessions | sessions | — | List terminal tabs | 0 |
/test-coverage | check test coverage | check_test | Per-file coverage table | ~5 |
/test-list | check test list | check_test | All test files with pass/fail counts | ~5 |
/test-last | check test last | check_test | Repeat last report — 30m TTL | ~5 |
/test-flaky | check test flaky | check_test | Flaky hints from --flaky runs | ~5 |
/test-history | check test history | check_test | Last 10 cloud uploads — API key | ~5 |
/test-learn | check test learn | check_test | Subcommands + docs links | ~5 |
/test-dry | check test --dry-run | check_test | Show detected runner — 0 credits | ~5 |
/scope | scope-task "add rate limiting" | check_test | What files to touch for a task | ~5 |
/plan | plan "migrate auth" | check_test | Alias for scope-task | ~5 |
/brief | brief | — | Alias for overview briefing | 0 |
/supply-repo | supply repo owner/repo | — | GitHub secrets scan · replace owner/repo | 0 |
/supply-keys | supply keys owner/repo | — | Exposed keys in repo or site | 0 |
/site-tech | site tech example.com | — | Framework + hosting decode | 0 |
/site-last | site last | — | Re-print last Site Pulse scan | 0 |
/site-history | site history | — | Last 10 cloud site scans | 0 |
/supply-last | supply last | — | Replay last supply scan | 0 |
/supply-history | supply history | — | Cloud supply scan history | 0 |
/monorepo | monorepo | get_project_context | Workspaces and package layout | ~7 |
/integrations | integrations | get_project_context | Stripe, Supabase, third-party APIs | ~7 |
/scripts | scripts | get_project_context | npm/bun scripts and dev commands | ~7 |
/quick | quick | get_project_context | One-screen project snapshot | ~7 |
/supabase | supabase | get_project_context | Auth, RLS, migrations | ~7 |
/styling | styling | get_project_context | CSS, Tailwind, design tokens | ~7 |
/remember | remember "auth uses Supabase JWT" | project_memory | Store a project fact | ~4 |
/recall | recall | project_memory | Search saved facts — /recall auth | ~4 |
/history | history | — | Local command log — filter /again to repeat | 0 |
/again | again | — | Repeat last command | 0 |
/last | last | — | Repeat last package lookup | 0 |
/list | list | — | Install status per editor | 0 |
/tools | tools | — | Enable/disable tools in editor config | 0 |
/skills | skills | — | Install find-code SKILL.md + rule | 0 |
/reset | reset | — | Disconnect + remove skill/rule files | 0 |
/update | update | — | Check/install latest npm package | 0 |
/info | info | — | CLI version and install path | 0 |
/uninstall | uninstall | — | Remove Zephex from this machine | 0 |
Extra reference (by group)
Deep dives
/package — Check package
Runs: check-package express · MCP: check_package · ~~5 req on success
check_package — one pkg deep-dive; filter /safe /deps /upgrade /migrate
When: Deep dive one package — CVEs, typosquat risk, upgrade path.
You get: check_package full report for a single dependency.
Example: /package express
Same without slash: mcpcli check-package express
Tip: /safe is the quick pre-install check; /package is the long form.
/monorepo — Monorepo
Runs: monorepo · MCP: get_project_context · ~~7 req on success
Workspaces and package layout
When: Workspaces, internal packages, which app folder to cd into.
You get: get_project_context monorepo topic slice.
Example: /monorepo
Same without slash: mcpcli get-context monorepo
/integrations — Integrations
Runs: integrations · MCP: get_project_context · ~~7 req on success
Stripe, Supabase, third-party APIs
When: Third-party wiring — Stripe, Supabase, PostHog, Sentry, etc.
You get: get_project_context integrations topic slice.
Example: /integrations
Same without slash: mcpcli get-context integrations
/scripts — Scripts
Runs: scripts · MCP: get_project_context · ~~7 req on success
npm/bun scripts and dev commands
When: What npm/bun scripts exist and what they do.
You get: get_project_context scripts topic slice.
Example: /scripts
Same without slash: mcpcli get-context scripts
/quick — Quick brief
Runs: quick · MCP: get_project_context · ~~7 req on success
One-screen project snapshot
When: One-screen snapshot — faster than full /context.
You get: Compressed get_project_context quick brief.
Example: /quick
Same without slash: mcpcli get-context quick
/supabase — Supabase
Runs: supabase · MCP: get_project_context · ~~7 req on success
Auth, RLS, migrations
When: Supabase-specific — auth helpers, RLS, migrations folder.
You get: get_project_context supabase topic slice.
Example: /supabase
Same without slash: mcpcli get-context supabase
/styling — Styling
Runs: styling · MCP: get_project_context · ~~7 req on success
CSS, Tailwind, design tokens
When: CSS approach — Tailwind, CSS modules, styled-components, tokens.
You get: get_project_context styling topic slice.
Example: /styling
Same without slash: mcpcli get-context styling
Session
/sessions — Sessions
Runs: sessions · 0 quota (local/meta)
List terminal tabs
When: Web terminal — list open tabs/sessions.
You get: Session ids and labels (zephex.dev/cli only).
Example: /sessions
Same without slash: mcpcli sessions
/remember — Remember
Runs: remember "auth uses Supabase JWT" · MCP: project_memory · ~~4 req on success
Store a project fact
When: Save a non-obvious discovery for the next session.
You get: Stores compact fact (title + body) — cloud or local SQLite.
Example: /remember "auth middleware uses Supabase JWT in cookies"
Same without slash: mcpcli remember "auth uses Supabase JWT"
/recall — Recall
Runs: recall · MCP: project_memory · ~~4 req on success
Search saved facts — /recall auth
When: New session on a repo — pull area-specific facts before editing.
You get: FTS keyword search over saved memories (max 5 hits).
Example: /recall auth
Same without slash: mcpcli recall auth
Local CLI
/test-coverage — Test coverage
Runs: check test coverage · MCP: check_test · ~~5 req on success
Per-file coverage table
When: After /test — which files lack tests?
You get: Per-file coverage table from check_test session.
Example: /test-coverage
Same without slash: mcpcli check test coverage
Tip: 0 credits when reading cached session.
/test-list — Test files
Runs: check test list · MCP: check_test · ~~5 req on success
All test files with pass/fail counts
When: Inventory all test files before refactoring test layout.
You get: Every test file with pass/fail counts from last run.
Example: /test-list
Same without slash: mcpcli check test list
/test-last — Last test run
Runs: check test last · MCP: check_test · ~~5 req on success
Repeat last report — 30m TTL
When: Repeat last test report without re-running the suite.
You get: Cached check_test output (30m TTL).
Example: /test-last
Same without slash: mcpcli check test last
Tip: 0 credits on cache hit.
/test-flaky — Flaky tests
Runs: check test flaky · MCP: check_test · ~~5 req on success
Flaky hints from --flaky runs
When: Intermittent failures — hints from repeated runs.
You get: Flaky test candidates and rerun suggestions.
Example: /test-flaky
Same without slash: mcpcli check test flaky
/test-history — Test history
Runs: check test history · MCP: check_test · ~~5 req on success
Last 10 cloud uploads — API key
When: Cloud upload history for test runs on this API key.
You get: Last 10 check_test cloud sessions.
Example: /test-history
Same without slash: mcpcli check test history
/test-learn — Test Pulse guide
Runs: check test learn · MCP: check_test · ~~5 req on success
Subcommands + docs links
When: Forgot Test Pulse subcommands — in-terminal mini guide.
You get: Subcommand list + links (no suite run).
Example: /test-learn
Same without slash: mcpcli check test learn
/test-dry — Test dry-run
Runs: check test --dry-run · MCP: check_test · ~~5 req on success
Show detected runner — 0 credits
When: Verify runner detection before burning quota on a huge suite.
You get: Detected test runner + command that would run — 0 credits.
Example: /test-dry
Same without slash: mcpcli check test --dry-run
/scope — Scope task
Runs: scope-task "add rate limiting" · MCP: check_test · ~~5 req on success
What files to touch for a task
When: Planning a feature — which files will you touch?
You get: check_test scope-task — ranked files for a natural-language task.
Example: /scope "add rate limiting"
Same without slash: mcpcli scope-task "add rate limiting"
/plan — Plan task
Runs: plan "migrate auth" · MCP: check_test · ~~5 req on success
Alias for scope-task
When: Alias for /scope — same scope-task mapper.
You get: File touch list for a described task.
Example: /plan "migrate auth to Clerk"
Same without slash: mcpcli plan "migrate auth"
/history — History
Runs: history · 0 quota (local/meta)
Local command log — filter /again to repeat
When: Re-run something from this REPL session without retyping.
You get: Local command log — pick by number.
Example: /history 3
Same without slash: mcpcli history 3
/again — Again
Runs: again · 0 quota (local/meta)
Repeat last command
When: Repeat the last command you ran in this shell.
You get: Re-executes previous argv line.
Example: /again
Same without slash: mcpcli again
/last — Last package
Runs: last · 0 quota (local/meta)
Repeat last package lookup
When: Repeat last package lookup (/safe, /package, /upgrade).
You get: Re-runs previous check_package command.
Example: /last
Same without slash: mcpcli last
/list — List editors
Runs: list · 0 quota (local/meta)
Install status per editor
When: Which editors have Zephex MCP configured?
You get: Per-editor install status from disk configs.
Example: /list
Same without slash: mcpcli list
/tools — MCP tools
Runs: tools · 0 quota (local/meta)
Enable/disable tools in editor config
When: Toggle which MCP tools appear in editor config.
You get: Enable/disable tool allowlist in mcp.json.
Example: /tools
Same without slash: mcpcli tools
/skills — Agent skill
Runs: skills · 0 quota (local/meta)
Install find-code SKILL.md + rule
When: Install find-code SKILL.md + editor rule via npx zephex setup --with-skill.
You get: Writes skill files into .cursor or .claude paths.
Example: /skills
Same without slash: mcpcli skills
/reset — Reset
Runs: reset · 0 quota (local/meta)
Disconnect + remove skill/rule files
When: Nuclear option — disconnect all editors and remove skill/rule files.
You get: disconnect + deletes embedded skill markdown.
Example: /reset
Same without slash: mcpcli reset
/update — Update CLI
Runs: update · 0 quota (local/meta)
Check/install latest npm package
When: Check if a newer zephex npm package is published.
You get: Version compare; --apply runs global npm install.
Example: /update
Same without slash: mcpcli update
/info — Version
Runs: info · 0 quota (local/meta)
CLI version and install path
When: Which zephex version is on PATH?
You get: CLI semver + install location.
Example: /info
Same without slash: mcpcli info
/uninstall — Uninstall
Runs: uninstall · 0 quota (local/meta)
Remove Zephex from this machine
When: Remove Zephex CLI from this machine.
You get: Unlinks binary; --full also deletes ~/.zephex.
Example: /uninstall
Same without slash: mcpcli uninstall
Learn the repo
/brief — Brief
Runs: brief · 0 quota (local/meta)
Alias for overview briefing
When: Alias for /overview briefing when you typed /brief by habit.
You get: Same as /overview — product story + stack bars.
Example: /brief
Same without slash: mcpcli overview
Live scans
/supply-repo — Supply · repo
Runs: supply repo owner/repo · 0 quota (local/meta)
GitHub secrets scan · replace owner/repo
When: Scan a public or private GitHub repo for leaked secrets.
You get: Supply repo phase — keys in history and config.
Example: /supply-repo owner/repo
Same without slash: mcpcli supply repo owner/repo
/supply-keys — Supply · keys
Runs: supply keys owner/repo · 0 quota (local/meta)
Exposed keys in repo or site
When: Focused key hunt on repo or site without full supply report.
You get: Supply keys phase only.
Example: /supply-keys owner/repo
Same without slash: mcpcli supply keys owner/repo
/site-tech — Site tech
Runs: site tech example.com · 0 quota (local/meta)
Framework + hosting decode
When: Decode framework + hosting from response headers and HTML.
You get: Site tech stack fingerprint — under /web family.
Example: /site-tech zephex.dev
Same without slash: mcpcli site tech zephex.dev
/site-last — Site last
Runs: site last · 0 quota (local/meta)
Re-print last Site Pulse scan
When: Re-print last Site Pulse without new HTTP probe.
You get: Cached site scan output.
Example: /site-last
Same without slash: mcpcli site last
/site-history — Site history
Runs: site history · 0 quota (local/meta)
Last 10 cloud site scans
When: See prior Site Pulse runs from cloud history.
You get: Last 10 site scans on your API key.
Example: /site-history
Same without slash: mcpcli site history
/supply-last — Supply last
Runs: supply last · 0 quota (local/meta)
Replay last supply scan
When: Replay last Supply Pulse without re-scanning.
You get: Cached supply session output.
Example: /supply-last
Same without slash: mcpcli supply last
Tip: 0 credits when session still valid.
/supply-history — Supply history
Runs: supply history · 0 quota (local/meta)
Cloud supply scan history
When: Audit trail of cloud supply scans on your account.
You get: Last 10 supply sessions from dashboard API.
Example: /supply-history
Same without slash: mcpcli supply history
No slash — still Mode 2
These run as plain argv (no / prefix) but belong on this reference:
mcpcli voice-check— Diagnose Voice Mode pipe, PTT, STT subprocessmcpcli voice-setup— Interactive voice env setupmcpcli welcome— Home screen — tools, palette, quotamcpcli slash-demo— Print / palette without TTY (CI/docs)mcpcli loop-guard <pkg>— Breaking-change guard before upgrade
Web, site, supply, shadow, check-url
/web zephex.dev # full hosted website scan/site localhost:3000 # fast Site Pulse (local loopback works)/check-url https://zephex.dev --deep # audit_headers grades + secrets/supply https://zephex.dev # Supply Pulse — wide security scan/shadow # hidden API surface/secrets https://… # secrets-only phaseSite Pulse vs /web vs /check-url: Site Pulse is runtime truth (errors, APIs); /web is full intel; /check-url is TLS/header grades via MCP.
Package slashes
/safe react # before npm install/deps # all direct deps in package.json/upgrade next # breaking changes + migration path/migrate prisma # migration guide/compare lodash ramda # side-by-side two packages/package express # deep dive one packageZephex Voice Mode
Hands-free palette control. Default on in REPL (ZEPHEX_VOICE=1 (default in REPL)). Pipe: ~/.zephex/voice.pipe. External STT: ZEPHEX_VOICE_CMD — external STT subprocess.
| Say | Effect |
|---|---|
scroll down / scroll up | Move palette highlight (↑↓ also work) |
page down / page up | Jump ~8 rows in palette |
overview, find, test, … | Navigate palette only — does not run until you say run |
run / go / execute | Enter — runs highlighted slash command |
run find auth | Execute find with tail args |
commands / slash | Opens / palette |
copy that | Copy last command output |
remember … / recall … | Project memory CLI (not slash-navigate) |
quit | Exit shell |
mcpcli voice-checkmcpcli voice-setup# Test inject (one shot):export ZEPHEX_VOICE_INJECT="scroll down"End-to-end workflows
New repo (day one)
/overview → /architecture → /find "entry point" → /read src/main.ts → /testPre-PR checklist
/changes → /test → /failures → /env-check → /todosDependency upgrade
/deps → /upgrade stripe → /safe @stripe/stripe-js → /testProduction URL audit
/web your-app.com → /check-url https://your-app.com --deep → /supply https://your-app.comCross-session memory
/remember "webhooks use raw body parser on /api/stripe"# … next week …/recall stripe webhooks → /find webhookWhen something fails
- Empty palette / no API key —
/loginormcpcli doctor - Command not found —
/compass your phraseor/learn - 429 quota —
/usage, then upgrade or wait for monthly reset - Editor MCP broken —
/repair,/reconnect --cursor - Wrong project folder —
cdinto package root first; terminal always uses cwd
Source of truth
Palette data is generated from mcp-proxy/src/lib/cli-slash-commands.ts (TERMINAL_SLASH_ORDER). Regenerate docs after CLI changes:
bun scripts/sync-slash-docs.mjsRelated
- CLI commands — full argv reference (account, voice, pulses, memory CLI)
- Command Compass — typo + NL routing
- Project Memory
- Supply Pulse
- All 10 MCP tools