Install MCP servers from the Syphon registry, pin versions, and keep everything reproducible.
Install the latest published version of a package:
$ syphon install github-tools
This resolves the latest non-yanked version, downloads the tarball, verifies the ed25519 signature, extracts to ~/.syphon/packages/<name>, and writes an entry to the lockfile.
Append a version spec after @:
# exact version$ syphon install github-tools@1.0.0$# semver range (latest satisfying)$ syphon install github-tools@^1.0.0$ syphon install github-tools@~1.2.0$# named tag$ syphon install github-tools@beta$ syphon install github-tools@latest
When no spec is given, Syphon resolves the latest tag. You can create custom tags when publishing with --tag.
| Flag | Description |
|---|---|
| --force | Reinstall even if already at that version |
| --dangerously-skip-verify | Skip ed25519 signature verification (prints a warning) |
| --link | Register the package with detected agent frameworks after install |
--dangerously-skip-verify
Every install writes to ~/.syphon/lockfile.json — a JSON record of every installed package, its resolved version, tarball checksum, and install timestamp. This makes installs reproducible and lets syphon audit check for known vulnerabilities.
{
"github-tools": {
"name": "github-tools",
"version": "1.0.0",
"checksum_sha256": "a3f8b2c1...",
"install_path": "/Users/you/.syphon/packages/github-tools",
"installed_at": "2026-05-12T10:23:00Z"
}
}$ syphon list# NAME VERSION INSTALLED LATEST# github-tools 1.0.0 2 hours ago 1.0.0# search-web 1.0.0 1 day ago 1.0.0
Add --outdated to highlight packages behind their latest version. Add --json to get machine-readable output.
# upgrade a specific package$ syphon upgrade github-tools$# upgrade all installed packages$ syphon upgrade$# preview what would change without applying$ syphon upgrade --dry-run
$ syphon uninstall github-tools# Uninstall github-tools@1.0.0? [y/N] y# ✓ Uninstalled github-tools$# skip the confirmation prompt$ syphon uninstall github-tools --yes
Uninstall removes the extracted directory and the lockfile entry but does not purge the cached tarball. If you reinstall the same version it won't re-download.