explainx.ainewsletter3.4k

browser-automation

durable-objects-mcp▌

by spawnbase

Query your 🟧 Cloudflare Durable Objects from Claude Code, Cursor, and other AI clients

MCP server for querying Cloudflare Durable Object SQLite storage with read-only access, authentication via Cloudflare Access, and structured table discovery.

github stars

★ 0

0 commentsdiscussion

Both formats append explainx.ai attribution and the canonical URL for this MCP server listing.

best for

/ General purpose MCP workflows

capabilities

/ list_classes
/ describe_schema
/ execute_read_query

what it does

MCP server for querying Cloudflare Durable Object SQLite storage with read-only access, authentication via Cloudflare Access, and structured table discovery.

about

durable-objects-mcp is a community-built MCP server published by spawnbase that provides AI assistants with tools and capabilities via the Model Context Protocol. Query your 🟧 Cloudflare Durable Objects from Claude Code, Cursor, and other AI clients It is categorized under browser automation. This server exposes 3 tools that AI clients can invoke during conversations and coding sessions.

how to install

You can install durable-objects-mcp in your AI client of choice. Use the install panel on this page to get one-click setup for Cursor, Claude Desktop, VS Code, and other MCP-compatible clients. This server runs locally on your machine via the stdio transport.

license

MIT

durable-objects-mcp is released under the MIT license. This is a permissive open-source license, meaning you can freely use, modify, and distribute the software.

readme

🟧 durable-objects-mcp

Unofficial MCP server for querying Cloudflare Durable Object SQLite storage from AI clients (Claude Code, Cursor, Windsurf, etc.). Gives AI clients structured, read-only access to your DO storage. Connect once, discover tables, run queries.

🤔 Why

Durable Objects store state in private SQLite databases with no programmatic query access — just Data Studio in the dashboard. We built this while working on Spawnbase because manually clicking through thousands of DO instances isn't viable.

TODO: The best version of this tool is one that doesn't need to exist. We'd love Cloudflare to ship native secure query access for DO storage. Until then, this fills the gap.

⚙️ What it enables

You (while sipping coffee): "What tables does the AIAgent DO have for user abc123?"

→ describe_schema({ class_name: "AIAgent", name: "abc123" })

  _cf_KV           — key TEXT, value BLOB
  cf_agents_state  — id TEXT, data BLOB
  cf_agents_messages — id TEXT, role TEXT, content TEXT, created_at INTEGER
  ...

You (after the second sip): "Show me the last 5 messages"

→ query({ class_name: "AIAgent", name: "abc123",
          sql: "SELECT role, content FROM cf_agents_messages ORDER BY created_at DESC LIMIT 5" })

  role       | content
  -----------|----------------------------------
  user       | Deploy the workflow to production
  assistant  | I'll deploy workflow wf_a8c3...
  ...

A standalone Cloudflare Worker that binds to your DO namespaces via script_name and calls a query() RPC method on each DO instance. Auth via Cloudflare Access (OAuth).

🔒 Security

Warning: Durable Objects can store sensitive data — session tokens, PII, payment records, conversation history. Before deploying, review what your DOs contain, only bind the namespaces you need, and restrict your Cloudflare Access policy accordingly. If you serve end users, make sure your terms of service cover this kind of data access.

We took security seriously when building this. Here's what we put in place:

Cloudflare Access (OAuth) — all authentication happens at the edge before the request reaches the Worker. JWTs are verified against CF Access JWKS (signature, algorithm, expiry). PKCE (S256 only) is enforced on the MCP client side. Revoking a user in your identity provider cuts their MCP session on the next token refresh.
Read-only by design — a server-side SQL guard rejects anything that isn't SELECT, PRAGMA, EXPLAIN, or WITH before it reaches the DO. All write statements are blocked at the MCP server level.
No public DO access — the query() RPC call uses Cloudflare service bindings (script_name), which stay entirely within Cloudflare's internal network. There is no public HTTP endpoint to the DOs. The MCP server is the only way in.
Explicit namespace scoping — only DO classes with bindings in wrangler.jsonc are discoverable and queryable. Nothing is exposed by default.

🛠️ Tools

Tool	What it does
`list_classes`	Lists queryable DO classes configured in your deployment
`describe_schema`	Returns tables and columns for a DO instance
`execute_read_query`	Executes read-only SQL against a DO instance

🚀 Setup

1. Add a `query()` method to your DO classes

Each DO class you want to query needs this method:

query(sql: string) {
  const cursor = this.ctx.storage.sql.exec(sql)
  return { columns: cursor.columnNames, rows: [...cursor.raw()] }
}

The MCP server's SQL guard blocks all non-SELECT statements before they reach the DO.

2. Clone and configure

git clone https://github.com/spawnbase/durable-objects-mcp.git
cd durable-objects-mcp
pnpm install

Edit wrangler.jsonc — add DO bindings pointing at your Worker:

"durable_objects": {
  "bindings": [
    { "name": "DO_MCP_AGENT", "class_name": "DOMcpAgent" },
    {
      "name": "AI_AGENT",
      "class_name": "AIAgent",
      "script_name": "your-worker-name"
    }
  ]
}

Any DO binding (except DO_MCP_AGENT) is automatically queryable — no additional config needed.

3. Set up auth (Cloudflare Access)

Follow the Secure MCP servers with Access for SaaS guide:

Create a SaaS application in Cloudflare One → Access → Applications
Select OIDC as the authentication protocol
Set the redirect URL to https://your-worker.workers.dev/callback
Under Policies, add an Access policy controlling who can connect (e.g., email list, IdP group)
Under Login methods, select which identity providers are available (GitHub, Google, One-time PIN, etc.)
Copy the Client ID and Client Secret from the app config

Then set secrets:

wrangler secret put ACCESS_TEAM             # your Zero Trust team name
wrangler secret put ACCESS_CLIENT_ID        # from the SaaS app
wrangler secret put ACCESS_CLIENT_SECRET    # from the SaaS app
wrangler secret put COOKIE_ENCRYPTION_KEY   # openssl rand -hex 32

4. Deploy

wrangler deploy

5. Connect your MCP client

On first connect, you'll authenticate via Cloudflare Access (browser popup). After that, the session persists.

Claude Code:

claude mcp add --transport http do-explorer https://your-worker.workers.dev/mcp

Cursor (~/.cursor/mcp.json):

{
  "mcpServers": {
    "do-explorer": { "url": "https://your-worker.workers.dev/mcp" }
  }
}

Codex (~/.codex/config.toml):

[mcp_servers.do-explorer]
url = "https://your-worker.workers.dev/mcp"

Then run codex mcp login do-explorer to authenticate.

OpenCode (opencode.json):

{
  "mcp": {
    "do-explorer": {
      "type": "remote",
      "url": "https://your-worker.workers.dev/mcp"
    }
  }
}

📋 Requirements

5 minutes
Cloudflare Workers Paid plan
SQLite-backed Durable Objects (compatibility date 2024-04-03+)
Cloudflare Zero Trust (for auth)

📄 License

MIT

FAQ

What is the durable-objects-mcp MCP server?: durable-objects-mcp is a Model Context Protocol (MCP) server profile on explainx.ai. MCP lets AI hosts (e.g. Claude Desktop, Cursor) call tools and resources through a standard interface; this page summarizes categories, install hints, and community ratings.
How do MCP servers relate to agent skills?: Skills are reusable instruction packages (often SKILL.md); MCP servers expose live capabilities. Teams frequently combine both—skills for workflows, MCP for APIs and data. See explainx.ai/skills and explainx.ai/mcp-servers for parallel directories.
How are reviews shown for durable-objects-mcp?: This profile displays 49 aggregated ratings (sample rows for discoverability plus signed-in user reviews). Average score is about 4.6 out of 5—verify behavior in your own environment before production use.

Use Cases▌

Web Research & Information Gathering

Fetch and extract information from websites automatically

Example

Research competitor pricing, scrape product reviews, monitor news mentions

✓

Automate 5-10 hours/week of manual web research

Content Monitoring & Alerts

Track website changes, new content, price updates

Example

Monitor competitor blog for new posts, track stock availability, watch for pricing changes

✓

Stay informed without manual checking, never miss important updates

Data Extraction & Aggregation

Extract structured data from multiple websites

Example

Compile product listings from 10 e-commerce sites, aggregate job postings, collect real estate data

✓

Build datasets 100x faster than manual copying

API-less Integration

Interact with services that don't offer APIs

Example

Check form submissions, validate website functionality, test user flows

✓

Automate interactions with any website, even without API

Implementation Guide▌

Prerequisites

›Claude Desktop or Cursor with MCP support
›Understanding of web scraping ethics and robots.txt
›Rate limiting awareness to avoid overwhelming target sites
›Knowledge of legal restrictions on data collection

Time Estimate

20-40 minutes including configuration and testing

Installation Steps

1.Install web automation MCP server via npm or pip
2.Configure allowed domains and rate limits in MCP config
3.Test with simple fetch: 'Get content from example.com'
4.Progress to extraction: 'Extract all product prices from this page'
5.Set up monitoring: 'Check this URL daily for changes'
6.Parse structured data: 'Create CSV from this table'
7.Respect robots.txt and rate limits always

Troubleshooting

⚠403 Forbidden: Website blocks bots—respect their wishes, use official API instead
⚠Rate limit errors: Slow down requests, add delays between fetches
⚠Stale data: Target site changed HTML structure—update selectors
⚠Timeout errors: Site is slow or blocking—increase timeout, try different user agent
⚠JavaScript-rendered content: Use headless browser MCP servers for dynamic sites

Best Practices▌

✓ Do

+Check robots.txt and respect crawl rules
+Rate limit requests: 1-2 requests/second maximum
+Use official APIs when available instead of scraping
+Identify your bot with descriptive user agent
+Cache results to minimize repeated requests
+Handle errors gracefully with retries and fallbacks
+Validate extracted data for accuracy

✗ Don't

−Don't scrape sites that explicitly forbid it (robots.txt, ToS)
−Don't overwhelm servers with rapid requests—use rate limiting
−Don't scrape personal data without consent and legal basis
−Don't ignore copyright on extracted content
−Don't assume HTML structure is stable—handle changes
−Don't use scraped data for commercial purposes without permission

💡 Pro Tips

★Use CSS selectors or XPath for robust data extraction
★Set up monitoring alerts for extraction failures (structure changed)
★Implement exponential backoff for retries on failures
★Store raw HTML for reprocessing if extraction logic changes
★Combine with data analysis tools for insights from extracted data
★Consider using official APIs or RSS feeds as more stable alternatives

Technical Details▌

Architecture

MCP server handles HTTP requests, HTML parsing, JavaScript rendering (if headless browser), and returns structured data to Claude.

Protocols

HTTP/HTTPS
WebSocket (for real-time sites)
Puppeteer/Playwright (for JavaScript sites)

Compatibility

Static HTML sites
JavaScript-rendered SPAs (with headless browser)
REST APIs
GraphQL endpoints

When to Use This▌

✓ Use When

Use for research automation, content monitoring, data aggregation from multiple sources, and when official APIs don't exist. Best for read-only information gathering.

✗ Avoid When

Avoid for sites with APIs (use API instead), sites that explicitly forbid scraping, when data is copyrighted, or for login-required content without proper authorization.

Integration▌

→Scheduled monitoring with change detection
→Multi-source data aggregation pipelines
→Fallback to web scraping when API rate limits hit
→Headless browser for JavaScript-heavy sites

Discussion

Product Hunt–style comments (not star reviews)

No comments yet — start the thread.

List & Promote Your MCP Server

Share your MCP server with the developer community

GET_STARTED →

MCP server reviews

Ratings

4.6★★★★★49 reviews

★★★★★Naina Thompson· Dec 24, 2024
Useful MCP listing: durable-objects-mcp is the kind of server we cite when onboarding engineers to host + tool permissions.
★★★★★Layla Thomas· Dec 24, 2024
I recommend durable-objects-mcp for teams standardizing on MCP; the explainx.ai page compares cleanly with sibling servers.
★★★★★Layla Gonzalez· Dec 24, 2024
durable-objects-mcp is a well-scoped MCP server in the explainx.ai directory — install snippets and categories matched our Claude Code setup.
★★★★★Layla Wang· Nov 15, 2024
Strong directory entry: durable-objects-mcp surfaces stars and publisher context so we could sanity-check maintenance before adopting.
★★★★★Yuki Thompson· Nov 15, 2024
durable-objects-mcp reduced integration guesswork — categories and install configs on the listing matched the upstream repo.
★★★★★Meera Abbas· Nov 3, 2024
We wired durable-objects-mcp into a staging workspace; the listing’s GitHub and npm pointers saved time versus hunting across READMEs.
★★★★★Ira Khan· Oct 22, 2024
durable-objects-mcp is a well-scoped MCP server in the explainx.ai directory — install snippets and categories matched our Claude Code setup.
★★★★★Layla Park· Oct 6, 2024
I recommend durable-objects-mcp for teams standardizing on MCP; the explainx.ai page compares cleanly with sibling servers.
★★★★★Yuki Agarwal· Oct 6, 2024
Useful MCP listing: durable-objects-mcp is the kind of server we cite when onboarding engineers to host + tool permissions.
★★★★★Layla Li· Sep 25, 2024
According to our notes, durable-objects-mcp benefits from clear Model Context Protocol framing — fewer ambiguous “AI plugin” claims.

showing 1-10 of 49

1 / 5