MCP for agents
Local test-mode tools for app config, fixtures, delivery logs, and receiver checks.
Compatible with the closed-beta ATM app APIs and versioned ATM event headers. Check atm-api-version on every webhook or XRPC receiver event.
Scope
@atmosphere-money/mcp is a local MCP server for agent-assisted ATM integrations. It exposes docs discovery, fixtures, test events, delivery logs, and test-only checkout validation without live money-moving tools.
Install
npm install -D @atmosphere-money/mcp@betaView @atmosphere-money/mcp on npmx for README, changelog, package health, and source metadata.
Local config
For hosted ATM beta testing, use the published package through your MCP-capable agent or editor.
{
"mcpServers": {
"atm": {
"command": "npx",
"args": ["-y", "@atmosphere-money/mcp@beta"]
}
}
}For local ATM development, point the server at your local checkout origin. The default local app URL is http://localhost:3001.
{
"mcpServers": {
"atm": {
"command": "node",
"args": ["/path/to/atmosphere-money/packages/mcp/dist/stdio.js"],
"env": {
"ATM_BASE_URL": "http://localhost:3001"
}
}
}
}Tools
| get_integration_plan | Returns a safe ATM implementation plan for the app type, framework, and requested features. |
|---|---|
| fetch_atm_docs | Returns the most relevant docs links and guidance for a topic. |
| generate_webhook_fixture | Creates a signed local ATM webhook payload without calling ATM. |
| generate_ticket_fixture | Creates signed ticket event fixtures such as tickets.issued and ticket.checked_in. |
| inspect_app_config | Reads app developer config using the environment webhook secret, without returning secrets. |
| send_test_webhook | Queues a test-mode app.webhook.test delivery to the configured webhook or XRPC receiver. |
| list_delivery_logs | Lists recent app delivery logs for the selected environment. |
| redrive_test_delivery | Redrives only test-mode deliveries by delivery id or status. |
| create_test_checkout | Calls strict payment initiation only with a caller-supplied test checkout envelope and service-auth JWT. |
Developer endpoints
The MCP server wraps documented developer endpoints. These are also useful for app setup scripts and CI checks when an agent is not available.
| GET /api/app/developer/config | Read sanitized app config for test or live with the matching environment webhook secret. |
|---|---|
| POST /api/app/developer/test-event | Queue an app.webhook.test event in test mode. Live test-event sends are intentionally blocked. |
| GET /api/webhooks/atm | List delivery logs for an app environment with the matching webhook secret. |
| POST /api/webhooks/atm | Redrive a delivery or status-filtered batch. MCP only calls this for test mode. |
| POST /xrpc/network.attested.payment.initiate | Start checkout with app service-auth. MCP refuses non-test checkout envelopes. |
Safety boundary
- Keep webhook secrets and service-auth JWTs in the agent's local/test environment, not in browser code.
- Use MCP for developer validation, not live payment operations.
- Use the ATM dashboard for live secret rotation, payout setup, refunds, product edits, and subscription changes.
- Fulfill app orders only from verified webhook or XRPC receiver events, not from MCP tool output alone.
- Do not paste live customer data, processor ids, ticket scan tokens, or secrets into prompts.
Remote MCP roadmap
The beta MCP server is local/test-mode first. A remote OAuth MCP server can come later when app developer auth, scopes, approvals, and audit logs are mature enough to support hosted agent actions. Until then, ATM keeps the safe path simple: local tools for developer validation and the dashboard for live business controls.