mcp-client-gen
mcp-client-gen generates type-safe TypeScript clients from MCP (Model Context Protocol) server schemas, including a helper for establishing an MCP connection and handling OAuth 2.1 (PKCE) browser-based auth for OAuth-protected MCP servers.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
The package relies on OAuth 2.1 with PKCE and browser-based authorization (better than no auth), but documentation provided does not specify scopes, token storage, refresh token handling, redirect URI validation, or whether any sensitive data is logged. It also performs dynamic client registration, which may have security implications if not carefully controlled.
⚡ Reliability
Best When
You want to call MCP tools from TypeScript with generated method/type definitions and can tolerate OAuth browser flows when required by the MCP server.
Avoid When
You need deterministic, headless authentication (no browser interaction) or you require a formally specified, vendor-neutral authentication/token storage policy for this generator itself.
Use Cases
- • Generate strongly-typed TypeScript SDKs for MCP tools to use in Node/Bun apps
- • Integrate MCP servers (e.g., Notion, GitHub Copilot MCP) into TypeScript codebases with compile-time types
- • CLI-driven client generation from an MCP server URL or from local config (.mcp.json, .cursor/, .vscode/)
Not For
- • Producing a runtime MCP server (it’s a client/code generator, not a server)
- • Projects needing a documented REST/GraphQL API surface for mcp-client-gen itself (it targets MCP servers, not an HTTP API)
- • Security/compliance-sensitive environments that require explicit control over OAuth redirect URIs, client registration, and token storage behavior without browser-based flows
Interface
Authentication
The README claims “zero config auth” for OAuth-protected MCP servers via Dynamic Client Registration and PKCE, but does not document scope granularity, token storage location, or refresh-token behavior.
Pricing
No pricing details provided in the README content; appears to be an open-source npm package (MIT) used locally for code generation.
Agent Metadata
Known Gotchas
- ⚠ Generated clients depend on remote MCP server schemas; changes in the upstream MCP schema may require re-generation.
- ⚠ Authentication behavior is described at a high level; without deeper docs, an agent may struggle with non-interactive/headless environments.
- ⚠ Output can be directed to stdout or file; ensure file paths/overwrite behavior are handled correctly when automating runs.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for mcp-client-gen.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.