cmcp

cmcp is a Python CLI utility that acts as a 'curl for Model Context Protocol (MCP) servers', letting users list and call MCP prompts/resources/tools over multiple transports (STDIO for running local MCP servers, and HTTP/SSE for remote MCP servers). It also supports configuration via mcp.json for managing server commands/URLs and default headers/env vars.

Evaluated Mar 30, 2026 (21d ago)

Repo ↗ DevTools mcp model-context-protocol cli python json-rpc stdio-transport http-transport sse-transport

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

The CLI supports passing secrets via headers (HTTP) and env vars (mcp.json), but there is no documentation here about redacting secrets in logs/output. TLS usage depends on the user-provided URL scheme (not described in README). No OAuth/scoped authorization is described.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

You want to quickly inspect or exercise MCP servers from automation scripts or during development using a simple CLI interface.

Avoid When

You need strong, standardized auth flows (OAuth scopes, SSO), explicit client-side rate-limit management, or guaranteed non-deprecated transports.

Use Cases

• Use an MCP server from the command line for debugging and testing
• List and call MCP tools/prompts/resources without writing code
• Interact with local MCP servers via STDIO transport
• Interact with remote MCP servers via HTTP (and deprecated SSE)
• Manage repeated MCP server connection details via .cmcp/mcp.json or ~/.cmcp/mcp.json

Not For

• User-facing production applications that require a managed API service
• Use cases needing OAuth/OIDC-based user authentication flows
• High-volume/low-latency programmatic integrations where a native SDK is required

Interface

REST API

GraphQL

gRPC

MCP Server

SDK

Webhooks

Authentication

Methods: Per-request/connection headers (e.g., Header1:value) for HTTP transport Environment variables passed through to local MCP server configuration (env field in mcp.json)

OAuth: No Scopes: No

Authentication is handled indirectly by the MCP server or transport (e.g., custom headers for HTTP; env vars for STDIO-managed servers). The CLI itself does not specify OAuth/scopes.

Pricing

Free tier: No

Requires CC: No

Open-source Python package; no pricing information provided.

Agent Metadata

Pagination

none

Idempotent

False

Retry Guidance

Not documented

Known Gotchas

⚠ Arguments and JSON payloads are provided via CLI parsing; quoting/escaping mistakes can cause malformed parameters.
⚠ SSE transport is marked deprecated; prefer HTTP unless you must use SSE.
⚠ When using mcp.json, ensure headers/env values are correct for the targeted MCP server and transport.

Alternatives

Use an MCP client library in your language (e.g., MCP Python SDK) instead of the CLI Write a small wrapper around JSON-RPC to call MCP endpoints directly (for HTTP transport) Use other MCP CLI tools/clients that support the transports you need

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for cmcp.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-30.