yapi-mcp-server

Provides an MCP (Model Context Protocol) server that integrates an AI assistant with a YAPI API management instance. It exposes MCP tools to list YAPI projects/categories/interfaces, search interfaces, fetch interface details, and manage/refresh a local cache (including cache stats and per-project cache clearing).

Evaluated Apr 04, 2026 (17d ago)

Repo ↗ API Gateway mcp yapi api-management integration documentation-search cache

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

Upstream authentication is via YAPI project tokens stored in application-mcp.yml. TLS/auth requirements for the MCP server itself are not documented in the README, and there is no mention of fine-grained scopes, token rotation, or protection against exposing the SSE endpoint publicly. Cache management implies local storage/retention of YAPI data, which may need explicit consideration.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

You have a self-hosted YAPI instance and want an MCP-capable client (e.g., an agent in an IDE) to query and search API info via standardized MCP tools.

Avoid When

When you cannot secure the server and upstream YAPI credentials (tokens), or when you need strong guarantees about API error semantics/pagination/retry behavior that are not documented here.

Use Cases

• AI-assisted exploration of YAPI API documentation (projects, categories, interfaces)
• Natural-language search for API endpoints by name/keyword/path
• Retrieving detailed request/response information for a specific interface
• Caching YAPI data locally to reduce repeated YAPI queries

Not For

• Public, unauthenticated deployments exposed to the internet
• Use cases requiring strict compliance reporting or audited security controls without additional hardening
• Workflows needing formal REST/GraphQL/OpenAPI client compatibility (this is primarily an MCP server)

Interface

REST API

GraphQL

gRPC

MCP Server

Yes ↗

SDK

Webhooks

Authentication

Methods: Yapi project tokens configured in application-mcp.yml (project-tokens: {projectId: token})

OAuth: No Scopes: No

Auth mechanism appears to rely on static per-project tokens for the upstream YAPI, configured via YAML. The README does not describe any auth for the MCP server itself (e.g., whether it is protected).

Pricing

Free tier: No

Requires CC: No

Open-source style project (MIT) per README; no hosted service pricing described.

Agent Metadata

Pagination

none

Idempotent

False

Retry Guidance

Not documented

Known Gotchas

⚠ Cache-related tools (refreshCache/clearProjectCache) may have side effects; idempotency and concurrency behavior are not documented.
⚠ Auth protection for the MCP server endpoint is not described; ensure MCP server is reachable only in trusted environments.

Alternatives

Use YAPI’s native UI and/or export APIs (e.g., Swagger/OpenAPI generation) and let the agent query the generated spec Build a custom MCP server around YAPI’s REST endpoints with OpenAPI-defined contracts Use a generic OpenAPI/Swagger MCP integration if you can generate an OpenAPI spec from YAPI

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for yapi-mcp-server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-04-04.