kroger-mcp
Provides a FastMCP server that exposes Kroger shopping capabilities (store lookup, product search, and cart/order operations) to AI assistants via MCP, backed by the kroger-api Python library and Kroger API OAuth2 credentials. Includes local-only cart tracking for viewing/removal/clearing and a workflow for adding items to a real Kroger cart.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Uses Kroger OAuth2 with client credentials and interactive browser authorization for authenticated tools. The README suggests passing CLIENT_ID/CLIENT_SECRET and redirect URI via env/.env, but does not describe token storage, encryption, or log redaction behavior. Rate limits and local cart semantics may affect user expectations, but do not by themselves create a direct security control. TLS enforcement for Kroger calls is not explicitly documented in the provided content (assumed via HTTPS by typical HTTP clients).
⚡ Reliability
Best When
You want an MCP toolset for grocery shopping assistants and can provide Kroger developer credentials, and you’re comfortable with local cart tracking semantics for removals/clears.
Avoid When
You require server-side authoritative cart viewing/removal synced with the real Kroger cart, or you cannot support an interactive OAuth2 authorization flow.
Use Cases
- • Assist users in finding nearby Kroger stores by ZIP code and selecting a preferred store
- • Search for grocery products and retrieve product details/images
- • Add products to a user’s Kroger cart through authenticated operations
- • Maintain a local shopping cart and order history for AI workflows that need cart state
- • Check basic store/pharmacy-related availability and browse store hierarchy (chains/departments)
Not For
- • A fully accurate cart experience that can remove/clear items from the real Kroger cart via the public API (the server only affects local tracking for those operations)
- • Production-grade deployment without reviewing data handling, token storage, and error/retry behavior in the underlying code
- • Use cases requiring fine-grained payment/financial guarantees or transactional guarantees beyond Kroger’s own APIs
Interface
Authentication
The README indicates that some tools do not require auth, while cart/profile modification tools require Kroger OAuth2 authorization via an inserted browser link. Scope granularity is not documented in the provided content.
Pricing
No service pricing is described; cost is primarily your environment/runtime plus Kroger API usage limits.
Agent Metadata
Known Gotchas
- ⚠ Local-only cart tracking: remove_from_cart/clear_current_cart only affect local tracking, not the actual Kroger cart.
- ⚠ Public API appears one-way for cart changes (add works; remove/clear may not propagate to the real cart).
- ⚠ Some actions require OAuth2 and an interactive authorization step; agents may need a user to complete browser auth when prompted.
- ⚠ Rate limits are per Kroger API endpoint/operation type as documented; agents should minimize redundant calls (e.g., prefer bulk add when available).
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for kroger-mcp.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.