Marrow CLI
The Marrow CLI carries Marrow context into local workflows and ships the local
MCP compatibility entrypoint in the same public client. It connects documents, URLs, and
records; retrieves useful context with citations and visible gaps; uses native
memory commands; manages API keys; and runs local stdio MCP. Hosted MCP at
https://mcp.marrow.id is the recommended MCP path. Version 1.0.4
keeps account authority and product credentials deliberately separate:
- a CLI session authorizes human account and API-key management;
MARROW_API_KEYauthorizes product commands and local MCP;- non-secret defaults live in the Marrow config file;
- customer keys never enter command arguments or Marrow config.
Use the exact public clients @marrowid/[email protected], @marrowid/[email protected],
and marrowid==1.0.4;
Python imports the client with from marrow import Marrow. HTTP is their
semantic authority.
Direct HTTP, Python, and CLI examples run in a
trusted application process; keeping credentials there does not provide
prompt-injection isolation for untrusted content. See the
OpenAPI document and the
Native Memory API.
Install
Install CLI version 1.0.4 with Node.js 20 or newer:
npm install -g @marrowid/[email protected]
npm exec --package @marrowid/[email protected] -- marrow --version
marrow --version
marrow --help
If an older global binary is already on PATH, the npm exec check verifies
1.0.4 independently before you replace the global install.
First setup
Create the local config, set only the defaults you need, then inspect the local setup without making a network request:
marrow init
marrow config --workspace default
marrow doctor
marrow init and marrow config write only the API base URL and workspace
default. marrow doctor reports package, platform, config permissions,
and whether MARROW_API_KEY is present. It reports presence, never the key.
An upgraded client that finds a legacy plaintext apiKey refuses every network
request. Set MARROW_API_KEY through your shell, process manager, or secret
store; the next network command removes only the legacy key field atomically and
preserves the non-secret defaults.
Credentials and platform support
| Task | Credential | Storage |
|---|---|---|
| Product ingest, query, and native memory commands | Customer API key | MARROW_API_KEY in the process environment |
| Local stdio MCP | Customer API key | Inherited MARROW_API_KEY; never MCP JSON |
| Hosted MCP | Interactive authorization or customer API key | MCP client's protected credential store |
| API-key create, rotate, revoke, and list | CLI account session | macOS Keychain |
| Browser account and billing work | Browser session | Marrow Console |
Auth
Customer API keys are for apps and automation, not for signing in to this local CLI.
Device sign-in is available on macOS in version 1.0.4:
marrow auth login
marrow auth status
The browser flow must show the account, short code, expiry, and consequence
before deliberate approval. Login or signup alone does not approve a device.
Linux and Windows reject marrow auth login before sending a device request;
use the Console for account management and an environment customer key for
product commands and local MCP.
Sign out the device when it should no longer manage the account:
marrow auth logout
Logout clears the CLI session. It does not revoke or rotate customer API keys.
Add records
Product commands require MARROW_API_KEY. Preview a source before writing:
marrow ingest url https://example.com/onboarding-note --dry-run --dated-at 2026-05-16
marrow ingest file ./onboarding.md --dry-run --dated-at 2026-05-16
Submit it when the preview is correct:
marrow ingest url https://example.com/onboarding-note --dated-at 2026-05-16 --idempotency-key onboarding-note-2026-05-16
marrow ingest file ./onboarding.md --dated-at 2026-05-16 --idempotency-key onboarding-file-2026-05-16
Use the authored, published, or otherwise relevant date. A live submission
requires a caller-owned idempotency key between 8 and 160 characters. Reuse the
same key when retrying the same submission; use a new key for a different
source or changed content. Dry-runs may omit it. Poll the returned job until it
reaches succeeded, failed, or quarantined:
marrow ingest jobs list --limit 5
marrow ingest jobs show <job-id>
Retrieve cited context
Ask one concrete question after processing succeeds:
marrow query "What should this workflow remember about onboarding?" --limit 5 --evidence-limit 3
Marrow returns public answer fields, citations, source labels, excerpts, and
warnings. An insufficient_evidence result is a usable outcome: add source
material or continue without Marrow context instead of filling the gap.
Native workspace, peer, session, claim, event, and queue commands use the same
environment customer key. Use each command's --help option for its exact
arguments.
Manage API keys on macOS
With an active CLI account session:
marrow api-keys list
marrow api-keys create --name "Production app"
marrow api-keys create --name "Query only" --scope query
marrow api-keys create --name "Memory app" --scope ingest --scope query --scope memory.read --scope memory.write
marrow api-keys rotate <key-id>
marrow api-keys revoke <key-id>
Omit scope flags for the ingest,query default. The admitted scopes are
ingest, query, memory.read, and memory.write. Customer API keys accept only ingest,
query, memory.read, and memory.write. Create and rotate show
the new secret once; list and revoke never reveal secret material.
MCP
Connect remote-capable clients to the canonical hosted endpoint:
https://mcp.marrow.id
Interactive authorization is the usual choice for a person connecting an MCP client to their existing Marrow account; it grants the full hosted 15-tool resource. A server-managed MCP client may use a customer API key with the required memory scopes. The connected application remains visible and revocable in Console.
Use marrow mcp only when the MCP client requires a local stdio server. It is
a first-party compatibility adapter over the same Marrow account and 15-tool
registry, not a separate local-memory product.
marrow mcp is the shipped local newline-delimited JSON-RPC entrypoint over
stdio. Start the MCP client from a process that already inherits
MARROW_API_KEY; do not paste a key into MCP client JSON.
marrow mcp
The server exposes exactly 15 manifest-backed tools for peer, session, claim,
event, queue, context, and representation workflows. Read tools require
memory.read; write tools require memory.write. A wrong-scope or revoked key
returns a visible API error and does not silently widen authority.
A coding agent can complete Phase A without an API key by preparing the
non-secret marrow mcp host configuration and naming the minimum scopes. The
human configures MARROW_API_KEY in the host-managed MCP environment, restarts
the host, and resubmits the task. In Phase B, the agent discovers the invariant
15-tool registry. It never asks a user or model to print the key. Use the
copyable coding-agent prompt
for the complete handoff.
The local MCP server and tool schemas are available with the CLI. Calls to
native memory remain scoped by memory.read and memory.write.
Output and recovery
Human-readable output is the default. Use --json only when automation needs a
stable structured response.
- Missing key: configure
MARROW_API_KEYin the invoking process. - Missing live-ingest replay key: add
--idempotency-key <key>, or use--dry-runwhile previewing. - Legacy plaintext key: supply the environment key once so the client can remove the legacy config field before network use.
- Wrong scope: rotate or create a key with only the required scope.
- Revoked key: replace the environment value; do not restore the old key.
- Device login on Linux or Windows: use the Console for account work.
- Local setup uncertainty: run
marrow doctor; it performs no network request.
Proprietary. UNLICENSED means the package is a distribution channel, not an
open-source grant.