wexin-push-mcp-server
Provides an MCP server that exposes a tool (wechatNotice) to send WeChat official-account template messages via WeChat’s API. It supports MCP connectivity in STDIO mode (launched by an MCP client) and SSE mode (HTTP/SSE URL).
Score Breakdown
⚙ Agent Friendliness
🔒 Security
TLS for SSE/HTTP endpoints is not explicitly required in documentation (examples use http://127.0.0.1). Authentication uses WeChat appsecret; there is no indication of per-tool auth, scopes, or multi-tenant isolation. README shows appsecret values embedded in example commands, which is a common risk if copied into logs/issue threads; no explicit guidance about secret redaction is provided. Dependency/CVE posture cannot be verified from the provided content.
⚡ Reliability
Best When
You want a simple MCP tool endpoint that sends a WeChat template message using fixed configuration (appid/appsecret/template_id/touser) from an MCP-capable agent runtime.
Avoid When
You need strong per-request authorization, multi-tenant separation, or you cannot safely manage/secure appsecret credentials.
Use Cases
- • AI agents that need to trigger WeChat template message notifications
- • Automated delivery of templated operational updates (e.g., alerts, confirmations)
- • Integrations where an MCP client can call tools over MCP to send messages to WeChat users
Not For
- • High-frequency bulk messaging without understanding WeChat API limits
- • Applications requiring OAuth-based user consent flows (service uses app credentials)
- • Use cases needing rich templating logic beyond providing the subject/description fields shown
Interface
Authentication
Authentication to WeChat is handled server-side using a single configured appsecret; README does not indicate user-level auth or fine-grained scopes for MCP tool access.
Pricing
No pricing information provided (likely an open-source project).
Agent Metadata
Known Gotchas
- ⚠ Authentication material (appsecret) is passed via command args/env variables; careless logging or sharing could expose secrets.
- ⚠ Example includes fixed template_id/touser; for per-request recipient selection you may need code changes (not described).
- ⚠ SSE mode binds an HTTP URL; ensure network exposure and access controls if deploying beyond localhost.
- ⚠ No explicit rate-limit or retry/backoff guidance is documented in the README, so agents may need conservative retry policies.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for wexin-push-mcp-server.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-04-04.