v3-docs/docs/community-packages/wormhole.md
Who maintains the package – William Reiske[[toc]]
Meteor Wormhole is a server-only, Meteor 3.4+ package that bridges your Meteor methods to the outside world through:
POST /api/<method> endpoint./api/docs.Two lines to get started:
import { Wormhole } from 'meteor/wreiske:meteor-wormhole';
Wormhole.init(); // That's it — all your methods are now MCP tools
By default it runs in "all-in" mode, which automatically exposes every Meteor.methods() call (minus DDP internals, private _-prefixed methods, and Accounts methods). You can also run in "opt-in" mode for explicit control:
Wormhole.init({ mode: 'opt-in' });
Wormhole.expose('todos.add', {
description: 'Add a new todo item',
inputSchema: {
type: 'object',
properties: {
title: { type: 'string', description: 'The todo title' },
priority: { type: 'string', enum: ['low', 'medium', 'high'] }
},
required: ['title']
}
});
Add richer schemas and descriptions, and AI agents get better context about what your tools do and how to call them.
/mcp, session management, JSON-RPC 2.0rest: { enabled: true } for traditional HTTP clients_private methods, and Accounts methods; add your own patternsMeteor.Error details are properly passed through to clientsWormhole.expose()Wormhole.init({
mode: 'all', // 'all' or 'opt-in'
path: '/mcp', // MCP endpoint path
name: 'my-app', // MCP server name
apiKey: 'secret', // Optional bearer token auth
exclude: [/^admin\./], // Additional exclusion patterns
rest: {
enabled: true, // Enable REST API
path: '/api', // REST base path
docs: true // Swagger UI at /api/docs
}
});
If you use Claude Desktop, Cursor, VS Code Copilot, or any other MCP-compatible client, you can connect to a Wormhole-enabled app and your AI assistant will immediately see all the exposed methods as callable tools. Just point it at your app's /mcp endpoint.
Wormhole.init(options)Initialize the MCP bridge.
| Option | Type | Default | Description |
|---|---|---|---|
mode | 'all' | 'opt-in' | 'all' | Exposure mode |
path | string | '/mcp' | HTTP endpoint path |
name | string | 'meteor-wormhole' | MCP server name |
version | string | '1.0.0' | MCP server version |
apiKey | string | null | null | Bearer token for auth |
exclude | (string | RegExp)[] | [] | Methods to exclude (all-in mode) |
rest | object | boolean | false | REST API configuration (see below) |
rest options| Option | Type | Default | Description |
|---|---|---|---|
enabled | boolean | false | Enable REST endpoints |
path | string | '/api' | Base path for REST endpoints |
docs | boolean | true | Serve Swagger UI at <path>/docs |
apiKey | string | null | inherited | API key for REST (defaults to main apiKey) |
Shorthand: rest: true enables REST with all defaults.
Wormhole.expose(methodName, options)Explicitly expose a method as an MCP tool.
| Option | Type | Description |
|---|---|---|
description | string | Human-readable tool description |
inputSchema | object | JSON Schema for method parameters |
outputSchema | object | JSON Schema for the return value (wrapped inside { result } envelope in OpenAPI/REST) |
Wormhole.unexpose(methodName)Remove a method from MCP exposure.
Registration: In all-in mode, the package monkey-patches Meteor.methods to intercept every method registration. In opt-in mode, you call Wormhole.expose() manually.
MCP Server: A Streamable HTTP MCP server is mounted at the configured path (default /mcp) on Meteor's WebApp.
Tool Mapping: Each exposed Meteor method becomes an MCP tool. Method names are sanitized (e.g., todos.add → todos_add).
Invocation: When an AI agent calls a tool, the bridge invokes the corresponding Meteor method via Meteor.callAsync() and returns the result.
REST API (optional): When enabled, a parallel REST bridge mounts at the configured path. Each method gets a POST endpoint. An OpenAPI 3.1 spec is auto-generated from the registry's metadata and input schemas, and Swagger UI provides interactive documentation.