{"id":"arcadeai-arcade-mcp","name":"arcade-mcp","homepage":"https://docs.arcade.dev","repo_url":"https://github.com/ArcadeAI/arcade-mcp","category":"devtools","subcategories":[],"tags":["mcp","model-context-protocol","python","tool-calling","agent-integration","framework","oauth","secrets"],"what_it_does":"Arcade MCP Server Framework: a Python framework/CLI for creating Model Context Protocol (MCP) servers with an opinionated project template, a runtime (stdio or HTTP transport), and support for tool-level requirements like secrets and OAuth-based auth injected at runtime.","use_cases":["Build custom MCP servers with Python quickly (generate a project template, implement @app.tool functions)","Expose agent tools over MCP for Claude Desktop/Cursor/VS Code via stdio or HTTP transport","Wrap third-party APIs (e.g., Reddit OAuth) as callable MCP tools with per-tool auth scopes","Manage sensitive credentials by requiring secrets that are injected into the tool context at runtime"],"not_for":["A standalone hosted API service with managed endpoints (it’s a framework you run/deploy)","Replacing a general-purpose REST backend or database layer","Use where you cannot run code (it requires your server runtime)"],"best_when":"You want to implement MCP tools in Python with consistent patterns for authentication, secrets, and deployment/transport to popular MCP clients.","avoid_when":"You need a fully specified REST/OpenAPI service for web clients only, or you require a hosting-free, zero-ops managed offering.","alternatives":["Other MCP server frameworks/runtimes (generic MCP SDKs)","Build your own MCP server using the upstream MCP reference implementation","Use a gateway/runtime (e.g., MCP gateway products) if you prefer centralized hosting over per-server deployment"],"af_score":56.2,"security_score":77.5,"reliability_score":40.0,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:25:36.632523+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["CLI-based login (arcade login)","Tool-level OAuth auth injection via arcade_mcp_server.auth (e.g., Reddit(scopes=[...]))","Tool-level secret injection via requires_secrets and Context.get_secret"],"oauth":true,"scopes":true,"notes":"The README example shows tool-level auth configured with a provider object (Reddit with scopes) and secrets injected into a Context at runtime; clients/LLMs cannot directly view secrets/tokens."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information in provided content; appears to be open-source framework."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":56.2,"security_score":77.5,"reliability_score":40.0,"mcp_server_quality":85.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":65.0,"rate_limit_clarity":20.0,"tls_enforcement":80.0,"auth_strength":75.0,"scope_granularity":80.0,"dependency_hygiene":65.0,"secret_handling":85.0,"security_notes":"Secrets and OAuth tokens are described as injected into a server-side Context so LLMs/MCP clients cannot see them. Tool-level auth uses scopes (fine-grained). TLS for HTTPS HTTP transport is implied by an HTTP endpoint and doc reference to /docs; exact enforcement is not verifiable from provided content. Dependency hygiene appears decent from pinned versions in the manifest, but no CVE/security audit data is provided.","uptime_documented":0.0,"version_stability":65.0,"breaking_changes_history":55.0,"error_recovery":40.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Tool results may include provider/API errors (e.g., httpx response.raise_for_status()). Agents may need to handle error strings/HTTP-related exceptions surfaced by the server.","HTTP transport example notes that tools requiring auth/secrets may require deployment (arcade deploy / Developer Dashboard) rather than local HTTP usage, which can surprise local testing workflows."]}}