Payload v4: the MCP plugin exposes your collections to LLMs - and it's opt-out

Overview

@payloadcms/plugin-mcp turns your Payload CMS into an MCP server, exposing your collections as tools for LLMs.

Heads up for v4: after a refactor, every collection is now exposed with full CRUD by default. It's opt-out - you disable individual tools rather than enabling them:

mcpPlugin({
  collections: {
    // posts is exposed automatically - no entry needed
    users: {
      tools: {
        create: false,
        update: false,
        delete: false
      }
    },
    // find only
  },
})

Custom Tools

Custom tools are defined with the defineTool builder, taking input via zod v4:

tools: {
  getPostScores: defineTool({
    description: 'Score recent posts',
    input: z.object({
      since: z.string()
    }),
  }).handler(async ({ input, req }) => ({
    content: [/* ... */]
  })),
}

Important Note After Upgrading

⚠️ The thing to actually do after upgrading: collections you never listed are suddenly reachable through MCP. Review them and disable anything sensitive - an exposed users collection with delete is not a great default to inherit by accident.