feat(mcp): add 'apify mcp install <client>' command

[MQ37]

Context

Implements the "configuration only" half of apify/ai-team#147 — a new apify mcp install <client> command that configures the Apify MCP server in six AI clients (Claude Code, Cursor, VS Code, Codex CLI, Kiro, Antigravity).

Closes apify/ai-team#175
Part of apify/ai-team#147

Solution

Per-client handler dispatched by the client argument, writing the documented config shape to each client's user-global location, or shelling out to the client's own CLI (claude mcp add --scope user, codex mcp add). Token resolves from --token → APIFY_TOKEN env → stored apify login. JSON files merge the apify entry without clobbering other entries; an existing entry triggers a --yes/prompt overwrite gate (matches the YesFlag() convention used by actors rm, builds rm, etc.).

Worth your attention

• Token never reaches the terminal. claude mcp add echoes the Authorization header on success, so we use stdio: ['ignore', 'ignore', 'inherit'] to discard child stdout and keep live errors. The overwrite-confirm prompt no longer prints the existing entry either. Two expect(stderr).not.toContain(TEST_TOKEN) tests guard against regression.
• Claude Desktop intentionally not included — its MCP support currently relies on the mcp-remote local stdio bridge, which is on a deprecation track as Claude Desktop adds native remote-MCP support via Connectors. Easy to add back later.
• claude-code passes --scope user so the server lands in user-wide config, matching every other client's default user-global location.
• Codex uses bearer_token_env_var = "APIFY_TOKEN" — codex's runtime rejects literal bearer_token (Config schema exposes unsupported MCP bearer_token field openai/codex#19275), so env var indirection is the only HTTP-transport auth it accepts. The next-steps tell the user to export APIFY_TOKEN=<your-token> in their shell rc.
• userHomeDir helper extracted to src/lib/utils.ts and reused from cli-management/install.ts (removes the second copy of the same idiom).

Follow-up

• apify/ai-team#176 — built-in agent (apify <prompt>) bundling mcpc + OpenRouter Actor.

[vladfrangu]

VS Code, and possibly it's forks (I only have Cursor that I checked), have a CLI interface for adding MCP servers

Model Context Protocol
  --add-mcp <json> Adds a Model Context Protocol server definition to the user profile. Accepts JSON input in the form '{"name":"server-name","command":...}'

let's avoid editing files wherever possible. And if we cannot avoid editing files, we must preserve everything in them at all costs (not necessarily indentation between tabs and spaces but definitely comments [so read the file via I think JSON5])

[vladfrangu]

Let's also add in vscode-insiders please (identical to vscode except binary is code-insiders)

[vladfrangu]

Don't forget reference docs changes need to be applied in code, not the markdown file!

[MQ37]

@vladfrangu Good point! I verified and the CLI command approach works only for VSCode but not for the forks - so I am using the --add-mpc for the vscode and vscode-insiders client. Also lets use https://www.npmjs.com/package/jsonc-parser for manipulating the files so we can actually preserve the comments.

[vladfrangu]

Really, it doesn't work for cursor? They DO document the flag, does it just not register correctly? 😢

[MQ37]

@vladfrangu For Cursor I could not pass the JSON as they have some bug in the CLI wrapper bash script. And for antigravity and kiro it did not work - the commands return "Added MCP servers: apify" but the server is not actually written to the kiro or antigravity config and thus is not available. I think they just left it there as they are forks of vscode and never actually implemented this properly.

[MQ37]

@szaganek all you suggestions applied, thank you!

[patrikbraborec]

Hi, @l2ysho is going to work on #1115. Maybe we will need to change implementation based on it?

[MQ37]

@patrikbraborec in the current implementation we are using the getLocalUserInfo helper func, that should be properly updated once we move to the keyring, so I think there are no changes needed in this PR regarding getting the local token.

@vladfrangu what is your take on this?

[vladfrangu]

Small nits

[vladfrangu]

Do we have no way to tell MCP clients or w/e they need to run a cli command to get the token?

[MQ37]

what do you mean? Like we should try to detect client installed on the system? I would honestly no do that, but it is my personal preference - I like explicit control about what I install and what does it do.

[vladfrangu]

Nono, to tell these mcp clients like codex "hey to get this token please run apify auth token"

[MQ37]

based on openai docs this is the only way https://developers.openai.com/codex/mcp#streamable-http-servers

[vladfrangu]

That is so stupid...can we propose that to them? Maybe even clanker pr it 😂

[MQ37]

we can try but from my experience with this approach we never actually ship this feature as pushing PR there will be super painful - but maybe they are fast and responsive 😄 I would honestly merge this is we want to ever ship this and then we can negotiate with them and iterate on this Apify CLI feature.

[MQ37]

@vladfrangu some tests are failing but it should be unrelated to this PR:

 FAIL  test/api/__fixtures__/commands/python/python-scrapy-template-works.test.ts > [python] [api] scrapy template works > should run the actor
 FAIL  test/api/__fixtures__/commands/python/python-scrapy-template-works.test.ts > [python] [api] scrapy template works > should run the actor
 FAIL  test/api/__fixtures__/commands/python/python-scrapy-template-works.test.ts > [python] [api] scrapy template works > should run the actor
 FAIL  test/api/__fixtures__/commands/python/python-scrapy-template-works.test.ts > [python] [api] scrapy template works > should run the actor