things-mcp
Provides an MCP (Model Context Protocol) server to let an MCP-capable client (e.g., Claude Desktop/Code) interact with Things 3 task-management data on macOS—listing items, searching, and creating/updating tasks and projects via Things’ URL scheme/Things.py integration. Supports stdio transport by default and optional HTTP transport via environment variables.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Transport defaults to stdio (safer than remote HTTP). Optional HTTP transport is documented via environment variables, but no TLS requirement or authentication/authorization is described here—so exposing the HTTP port publicly could be risky. The tool operates on user’s personal Things data; treat it as privileged within that user context. No secret-management details are provided in the README.
⚡ Reliability
Best When
You want an agent/assistant to read and act on your personal Things 3 database via MCP tools, directly from a local macOS workflow.
Avoid When
You need fine-grained authorization boundaries between multiple users or remote, internet-exposed HTTP access without additional network hardening.
Use Cases
- • Summarize and review items from Things lists (Inbox/Today/Upcoming/Anytime/Someday/Logbook/Trash).
- • Create todos and projects with natural scheduling keywords/dates (including reminder datetimes).
- • Update existing tasks/projects (e.g., modify schedules/status/metadata).
- • Search and filter tasks using multiple criteria (status, dates, tags, areas, types, recency).
- • Manage tags, and fetch tagged items for planning and prioritization.
Not For
- • Non-macOS environments (Things 3 is macOS-only).
- • Teams seeking a hosted, multi-user API with strong centralized access control (this appears to operate on a local client and user’s Things data).
- • Use cases requiring guaranteed enterprise compliance controls beyond the user’s local environment setup.
Interface
Authentication
No authentication mechanism (API keys/OAuth) is described in the README. If HTTP transport is enabled, access control for the HTTP server is not documented here.
Pricing
Open-source (MIT) and distributed via PyPI/uvx; no pricing information provided.
Agent Metadata
Known Gotchas
- ⚠ Default transport is stdio; if you enable HTTP transport, you’ll need to ensure it is not exposed broadly without appropriate firewall/network controls.
- ⚠ This server operates against a local Things 3 database; ensure Things has been opened at least once and “Enable Things URLs” is enabled.
- ⚠ Behavior around Someday-project exclusion from Today/Upcoming/Anytime is described; agents should account for this when reconciling list views.
- ⚠ Potential ambiguity in natural-language scheduling: use the documented accepted formats (keywords/date/ISO-like datetime@HH:MM).
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for things-mcp.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.