{"id":"ai-ql-tuui","name":"tuui","homepage":"https://www.tuui.com/","repo_url":"https://github.com/AI-QL/tuui","category":"ai-ml","subcategories":[],"tags":["ai-ml","mcp","mcp-client","desktop-app","agentic-ai","llm-orchestration","typescript","vue","tooling"],"what_it_does":"TUUI is a desktop “local AI playground” client built around the Model Context Protocol (MCP). It can connect to different LLM backends (including hosted APIs) and manage MCP servers to provide tools/prompts/resources and related MCP client features. It also supports discovery/registry and (via configuration) running local or remote MCP servers (e.g., Cloudflare mcp-remote).","use_cases":["Desktop UI for MCP-based agents (tools/prompts/resources)","Connecting to multiple LLM vendors through a shared interface (dynamic configuration)","Inspecting/tracing MCP tool calls and primitive visualization","Running or consuming MCP servers (local commands or remote via SSE)","Building/experimenting with prompt/tool orchestration locally"],"not_for":["A production, headless API service for programmatic use by other systems (it’s a desktop app)","Strictly offline environments without access to LLM/MCP server endpoints","Organizations needing a documented, vendor-controlled security posture for all upstream LLM/MCP components"],"best_when":"You want a local desktop interface to experiment with MCP tool ecosystems across multiple LLM providers, using existing MCP servers and (optionally) remote MCP via SSE.","avoid_when":"You need formal REST/GraphQL service APIs, strict enterprise auditability, or clear guarantees about secret handling and data retention across all integrated third parties.","alternatives":["Other MCP clients and desktop MCP integrations (e.g., MCP-compatible client tools)","Building your own MCP client using the official TypeScript MCP SDK","Using an MCP server plus a separate frontend/agent UI you control (custom integration)"],"af_score":52.8,"security_score":50.8,"reliability_score":42.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:24:46.760887+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":true,"sdk_languages":["TypeScript","JavaScript"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["API key fields in LLM backend config (e.g., apiKey in llm.json)","MCP server authentication via MCP server mechanisms (including possible OAuth via remote MCP examples)"],"oauth":true,"scopes":false,"notes":"Auth is configuration-driven and varies by upstream MCP server/remote MCP implementation. README mentions an mcp-remote approach that includes Auth, and notes OAuth auto-redirect issues, but does not describe fine-grained scopes within TUUI itself."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing details for TUUI itself; costs depend on the chosen LLM providers and MCP server infrastructure."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":52.8,"security_score":50.8,"reliability_score":42.5,"mcp_server_quality":70.0,"documentation_accuracy":60.0,"error_message_quality":null,"error_message_notes":"The README includes a dedicated “MCP Server Issue” section describing common failure modes (ENOENT spawn errors, timeouts, manual pre-install steps) and platform-specific hints (Windows workaround, macOS unresolved issue). However, it doesn’t document exact error codes/messages emitted by the app.","auth_complexity":55.0,"rate_limit_clarity":20.0,"tls_enforcement":80.0,"auth_strength":50.0,"scope_granularity":20.0,"dependency_hygiene":55.0,"secret_handling":50.0,"security_notes":"TLS is not explicitly documented for TUUI, but remote endpoints shown are HTTPS in examples. Auth is largely delegated to upstream LLMs/MCP servers (including potential OAuth via remote MCP), and README mentions a test remote server that “always approves,” which is a risk pattern if used in production. Secrets are configured in JSON (e.g., apiKey) and are said to be stored in localStorage by default after import; this suggests possible exposure depending on OS/browser threat model and logging practices (not fully specified in README). Dependency list is sizable but no CVE/security posture is described in provided content.","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":50.0,"error_recovery":65.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":true,"known_agent_gotchas":["Spawning MCP servers can fail with ENOENT; may require absolute paths or ensuring npx/uv/uvx commands exist.","First-time installation of runtime libraries can exceed a 90-second timeout; manual pre-install and retry may be needed.","macOS MCP server connectivity issues are noted as unresolved (NVM-related).","Remote MCP auth/OAuth callback delays can cause HTTP 400; clearing browser cache and retrying verification is suggested."]}}