modernbank-mcp-server

A Spring Boot 3.2 MCP-compatible HTTP service that accepts chat messages, uses Google Gemini function-calling to select a banking-related capability (e.g., list transactions, list accounts, fetch account details), calls downstream ModernBank services via Spring Cloud OpenFeign, and maps results back to MCP-compliant payloads. It also attempts to resolve missing inputs (like accountId) by fetching available accounts and returning a pendingRequest for the user to choose.

Evaluated Apr 04, 2026 (16d ago)
Repo ↗ DevTools mcp spring-boot llm-function-calling feign banking google-gemini api-orchestration
⚙ Agent Friendliness
47
/ 100
Can an agent use this?
🔒 Security
46
/ 100
Is it safe for agents?
⚡ Reliability
22
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
55
Documentation
65
Error Messages
--
Auth Simplicity
70
Rate Limits
10

🔒 Security

TLS Enforcement
70
Auth Strength
40
Scope Granularity
20
Dep. Hygiene
50
Secret Handling
55

Security posture is partially implied: TLS is not explicitly guaranteed in the README, and auth enforcement at the MCP endpoints is not documented (the service mainly propagates Authorization and user context headers to downstream services). Secrets are referenced as a Gemini API key placeholder in application.yml; there is no detail on secret vaulting/log redaction. Scope granularity and fine-grained authorization checks are not described.

⚡ Reliability

Uptime/SLA
0
Version Stability
35
Breaking Changes
20
Error Recovery
35
AF Security Reliability

Best When

You want an experimental MCP-style integration that routes LLM function calls to internal banking APIs and can tolerate incomplete tool implementations during early development.

Avoid When

You need a fully implemented, well-specified MCP server with complete tool coverage, clear operational limits, and strong externally documented auth and reliability guarantees.

Use Cases

  • Chat-based banking interactions (list transactions, view accounts/details)
  • Function-calling orchestration between an LLM and internal banking services
  • MCP-like routing layer that enriches missing parameters and prompts the client
  • Header/context propagation to downstream services for user-aware operations

Not For

  • Production deployment without completing stubbed endpoints and unimplemented tool branches
  • Clients that expect the /v1/api/mcp/invoke and /v1/api/mcp/process-old routes to work
  • Use where strict rate-limit guarantees, retry/idempotency guidance, and robust error contracts are required
  • Security-sensitive environments without documented auth enforcement at the MCP endpoint

Interface

REST API
Yes
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

Methods: Header passthrough for Authorization and user context headers (Authorization, X-User-Id, X-User-Email, X-User-Role)
OAuth: No Scopes: No

The service propagates incoming auth/user context headers to downstream Feign calls, but the README does not describe an explicit auth mechanism protecting the MCP endpoints themselves (e.g., API key/OAuth enforcement, scope checks).

Pricing

Model: Google Gemini (model name mentioned: gemini-flash-
Free tier: No
Requires CC: No

No pricing information for the server itself; costs depend on Gemini usage and downstream service calls.

Agent Metadata

Pagination
range-based/pagination parameters (listed as supported in transaction_list via pagination and range parameters)
Idempotent
False
Retry Guidance
Not documented

Known Gotchas

  • Unimplemented routes: /v1/api/mcp/invoke returns null; /v1/api/mcp/process-old is unimplemented.
  • Tool coverage mismatch: transfer_money is registered in ServiceRegistry but not implemented in TransactionService#execute, causing IllegalArgumentException.
  • ATM_transaction_create returns null (ATM integration not wired).
  • If Gemini omits accountId, the service may return a pendingRequest requiring an additional user selection step.

Alternatives

Direct integration with backend banking APIs plus a separate LLM tool orchestration layer (without MCP wrapper) A REST/GraphQL gateway that exposes explicit banking endpoints and uses the LLM only for intent detection An MCP server framework with autogenerated OpenAPI/MCP tooling contracts and comprehensive tool implementations Agentic orchestration using function calling with strict schema validation and deterministic routing (no chat-to-transaction coupling)

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for modernbank-mcp-server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-04-04.

8642
Packages Evaluated
17761
Need Evaluation
586
Need Re-evaluation
Community Powered