api-agent
Provides a universal MCP server that exposes GraphQL and REST APIs as MCP tools. It introspects a target GraphQL endpoint or OpenAPI/Swagger spec, answers questions in natural language, fetches data, stores results in DuckDB, and performs SQL post-processing. It also supports “recipe learning” to cache reusable query pipelines as additional dynamic MCP tools.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
TLS enforcement is not explicitly stated; examples use localhost HTTP for the MCP server. Downstream API auth is passed via X-Target-Headers (static headers) which is flexible but can be risky if logged or mishandled by clients/servers. The tool set is read-only by default with an explicit unsafe-path allowlist for write operations, which is a good control, but scope granularity for authorization is not described. No security posture details (logging redaction, secret handling practices, SSRF protections, path/path-matching safety beyond glob patterns) are provided in the README content.
⚡ Reliability
Best When
You want an agent/MCP client to explore and analyze external GraphQL/REST APIs quickly using a consistent tool interface, and you accept that results may involve SQL post-processing over fetched data.
Avoid When
You need deterministic, contract-first correctness (e.g., strict schema-to-query validation) or you must minimize data retention/storage, or you cannot safely supply auth headers to a server that will call third-party endpoints.
Use Cases
- • Natural-language querying over unfamiliar GraphQL/REST APIs
- • Post-processing API data with SQL (ranking, filtering, joins, aggregations) even if the upstream API lacks those capabilities
- • Rapid creation of MCP tools over many APIs without writing custom glue code
- • Read-only API exploration and analytics; optionally controlled unsafe operations via allowlisting
- • Reusing successful query patterns via cached recipes
Not For
- • Production workloads requiring strict data governance unless additional controls are added
- • APIs that require complex authentication flows not representable via static headers
- • Environments that cannot tolerate storing fetched data in DuckDB
- • Use cases requiring guaranteed pagination completeness from upstream APIs (unless explicitly handled)
- • Use cases needing strong, audited mutation semantics (mutations only “blocked unless explicitly allowed”)
Interface
Authentication
The README describes passing downstream API authentication as static HTTP headers (X-Target-Headers). It also notes read-only-by-default behavior and an unsafe method allowlist controlled by X-Allow-Unsafe-Paths.
Pricing
No pricing for the server itself is stated in the provided content; it appears to rely on OpenAI API usage plus your infrastructure/runtime.
Agent Metadata
Known Gotchas
- ⚠ Rate limits and pagination behavior of the upstream API are not described in the provided content; agent may fetch partial data unless the upstream API/data volume is handled explicitly.
- ⚠ Auth is provided via static headers; if tokens expire, long-running agents may fail without a refresh mechanism.
- ⚠ Results are stored in DuckDB; large responses may increase memory/disk usage and affect reliability.
- ⚠ Recipes depend on schema hash; schema changes can invalidate cached tools.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for api-agent.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.