publicdotcom-mcp-server

Provides an MCP (Model Context Protocol) server exposing Public.com brokerage/trading API operations as MCP tools (read-only and write/destructive actions) over stdio for AI assistants.

Evaluated Mar 30, 2026 (0d ago)
Repo ↗ Ai Ml mcp brokerage trading stocks options crypto python stdio tooling
⚙ Agent Friendliness
57
/ 100
Can an agent use this?
🔒 Security
54
/ 100
Is it safe for agents?
⚡ Reliability
22
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
70
Documentation
65
Error Messages
0
Auth Simplicity
80
Rate Limits
10

🔒 Security

TLS Enforcement
70
Auth Strength
55
Scope Granularity
20
Dep. Hygiene
60
Secret Handling
65

Secrets are supplied via environment variables (good baseline), but the README does not describe least-privilege scopes, token lifetimes, or explicit protections against logging secrets. Destructive trading tools increase the blast radius if an agent is misconfigured.

⚡ Reliability

Uptime/SLA
0
Version Stability
30
Breaking Changes
40
Error Recovery
20
AF Security Reliability

Best When

You need an AI assistant to retrieve brokerage data and optionally perform order actions through a standardized MCP tool interface, with explicit tool-level readOnly/destructive hints.

Avoid When

You require a web/API gateway interface, strong operational guarantees (e.g., documented idempotency/retry semantics), or you cannot protect secrets and authorize destructive trading operations safely.

Use Cases

  • Get real-time quotes for stocks/options/crypto
  • Read portfolio holdings, buying power, and open orders
  • View transaction/order history and specific order status
  • Preflight/estimate order impact and costs
  • Place and manage trading orders (single-leg and multi-leg), including cancel/replace

Not For

  • Making financial decisions without human oversight
  • Unattended trading without additional safeguards/approvals
  • Use in environments that cannot safely handle brokerage API credentials

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
Yes
Webhooks
No

Authentication

Methods: API key/secret via environment variable (PUBLIC_COM_SECRET)
OAuth: No Scopes: No

Authentication is configured via a required secret (PUBLIC_COM_SECRET). No OAuth and no fine-grained scope model is described in the README.

Pricing

Free tier: No
Requires CC: No

README does not describe hosting costs or API usage pricing; Public.com account/API pricing would apply separately.

Agent Metadata

Pagination
none
Idempotent
False
Retry Guidance
Not documented

Known Gotchas

  • Write/destructive tools can place/cancel/replace real orders; require strong guardrails/confirmation flows before calling them.
  • Stdio MCP integrations can hide HTTP-level status/headers from the agent unless the server maps errors clearly.
  • Order operations typically are not naturally idempotent; repeated calls can have financial impact unless the implementation explicitly prevents duplicates.

Alternatives

Use the Public.com API directly with a custom integration Use the publicdotcom-py SDK directly in your own service Build a small MCP wrapper around a REST client for Public.com

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for publicdotcom-mcp-server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-30.

6533
Packages Evaluated
19870
Need Evaluation
586
Need Re-evaluation
Community Powered