Zammad-MCP
Zammad-MCP is an MCP (Model Context Protocol) server that exposes Zammad helpdesk capabilities to AI assistants via tools for managing tickets, users, organizations, groups/system lists, and attachments (including listing, downloading as base64, and deleting attachments). It supports both stdio and an HTTP transport mode for remote MCP deployments.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
README and manifest indicate multiple security measures: input validation/sanitization, SSRF protection via URL validation, XSS prevention, preference for API tokens over passwords, dependency scanning and CI security testing (Bandit/Safety/pip-audit). For HTTP transport, README warns to bind to 0.0.0.0 only behind a reverse proxy with TLS and to implement authentication at the proxy/application layer; this suggests TLS/auth are not inherently enforced by the MCP server itself.
⚡ Reliability
Best When
You need an agent-accessible helpdesk integration for Zammad and can run the MCP server with appropriate Zammad API tokens, using stdio for local/desktop use or HTTP behind a properly secured reverse proxy.
Avoid When
Avoid exposing the HTTP transport broadly or without TLS/auth; avoid username/password auth if an API token is available; avoid sending large unpaginated requests that could stress rate limits.
Use Cases
- AI-assisted ticket triage, search, and summarization
- Drafting and updating ticket responses and metadata
- User and organization lookup in Zammad
- Managing ticket tags and adding articles/notes
- Retrieving and handling ticket attachments during support workflows
Not For
- Direct public exposure of the MCP endpoint without authentication and TLS
- Use cases requiring fine-grained, per-tool/operation authorization beyond what Zammad tokens provide
- Real-time operations that require guaranteed low latency and strict SLA guarantees (not documented)
Interface
Authentication
Authentication is delegated to Zammad using a configured token or credentials. README advises API tokens over passwords; it also notes tokens must have permissions for operations. The MCP layer itself does not appear to provide additional fine-grained scopes beyond what the Zammad token allows.
Pricing
Open-source project; no service pricing described. Costs are those of running the MCP server and consuming your Zammad instance/API usage.
Agent Metadata
Known Gotchas
- ⚠ HTTP transport requires MCP_TRANSPORT=http and correct MCP_HOST/MCP_PORT; endpoint is at /mcp/
- ⚠ Docker stdio mode requires the -i flag so the server can receive stdin
- ⚠ Large searches/downloads may hit Zammad rate limits; README recommends reducing frequency and paginating
Alternatives
Scores are editorial opinions as of 2026-03-30.