loanpro-mcp-server

LoanPro MCP server (Go) that implements MCP tooling for read-only access to LoanPro loan and customer data, exposing tools over HTTP (JSON-RPC at /mcp), SSE, and stdio transports.

Evaluated Apr 04, 2026 (16d ago)

Repo ↗ API Gateway mcp loanpro go json-rpc stdio sse http read-only financial-data tools

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

TLS enforcement is not explicitly stated for the MCP server. The server likely uses HTTPS to reach LoanPro (via LOANPRO_API_URL) but client-facing transport security/auth are not detailed. Authentication appears to be only for upstream LoanPro (API key/tenant id) and not for inbound access to the MCP server. README mentions configurable logging and debug mode; care is needed to ensure request/response bodies and headers do not leak secrets in DEBUG logs. No information provided about dependency scanning, pinned versions, or CVE status.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

Used internally by trusted users/agents to read loan/customer data from a configured LoanPro instance over a protected network, leveraging MCP clients via stdio or HTTP.

Avoid When

Exposed to the public internet without authentication/authorization controls, or used where compliance requirements demand stronger audit/access controls than described.

Use Cases

• Agent-assisted retrieval of loan details by ID
• Searching loans and customers by filters/search terms
• Fetching loan payment history and transaction history for reporting/analysis
• Integrating LoanPro read-only data into MCP-capable clients (e.g., Claude Desktop)

Not For

• Performing any write operations (server is described as read-only)
• Production use without securing transport/auth and network access controls
• Handling sensitive personal data in multi-tenant or public contexts without strong governance

Interface

REST API

Yes

GraphQL

gRPC

MCP Server

Yes

SDK

Webhooks

Authentication

Methods: API key via LOANPRO_API_KEY (configured in .env)

OAuth: No Scopes: No

README describes only LoanPro credentials via environment variables. No explicit end-user authentication/authorization for the MCP server endpoints is documented.

Pricing

Free tier: No

Requires CC: No

Open-source (MIT) repository; no hosted pricing described.

Agent Metadata

Pagination

limit-based

Idempotent

False

Retry Guidance

Not documented

Known Gotchas

⚠ No explicit rate-limit headers or retry/backoff guidance described.
⚠ No explicit server-side authentication/authorization documented for /mcp; agents should not expose the service publicly.
⚠ Search endpoints use a default limit of 10; tools/call results may be truncated unless limit is provided.

Alternatives

Direct integration with LoanPro APIs (without MCP) Self-hosted MCP server wrappers around LoanPro APIs with stricter auth proxies Using a managed data access layer/API gateway that enforces auth, logging, and rate limiting

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for loanpro-mcp-server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-04-04.