{"id":"cupofowls-kroger-mcp","name":"kroger-mcp","homepage":null,"repo_url":"https://github.com/CupOfOwls/kroger-mcp","category":"api-gateway","subcategories":[],"tags":["mcp","fastmcp","kroger","oauth2","shopping","grocery","agent-tools","python"],"what_it_does":"Provides a FastMCP server that exposes Kroger shopping capabilities (store lookup, product search, and cart/order operations) to AI assistants via MCP, backed by the kroger-api Python library and Kroger API OAuth2 credentials. Includes local-only cart tracking for viewing/removal/clearing and a workflow for adding items to a real Kroger cart.","use_cases":["Assist users in finding nearby Kroger stores by ZIP code and selecting a preferred store","Search for grocery products and retrieve product details/images","Add products to a user’s Kroger cart through authenticated operations","Maintain a local shopping cart and order history for AI workflows that need cart state","Check basic store/pharmacy-related availability and browse store hierarchy (chains/departments)"],"not_for":["A fully accurate cart experience that can remove/clear items from the real Kroger cart via the public API (the server only affects local tracking for those operations)","Production-grade deployment without reviewing data handling, token storage, and error/retry behavior in the underlying code","Use cases requiring fine-grained payment/financial guarantees or transactional guarantees beyond Kroger’s own APIs"],"best_when":"You want an MCP toolset for grocery shopping assistants and can provide Kroger developer credentials, and you’re comfortable with local cart tracking semantics for removals/clears.","avoid_when":"You require server-side authoritative cart viewing/removal synced with the real Kroger cart, or you cannot support an interactive OAuth2 authorization flow.","alternatives":["Direct use of the kroger-api Python library (build your own tool layer/agent interface)","Other MCP wrappers for retail/commerce APIs if they offer full cart sync/removals","Build a thin REST API around kroger-api and connect to your agent tooling directly"],"af_score":66.8,"security_score":63.0,"reliability_score":31.2,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:21:09.206365+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["OAuth2 (Kroger developer credentials; interactive browser authorization)","Token management handled internally (via kroger-api)"],"oauth":true,"scopes":false,"notes":"The README indicates that some tools do not require auth, while cart/profile modification tools require Kroger OAuth2 authorization via an inserted browser link. Scope granularity is not documented in the provided content."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No service pricing is described; cost is primarily your environment/runtime plus Kroger API usage limits."},"requirements":{"requires_signup":true,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":66.8,"security_score":63.0,"reliability_score":31.2,"mcp_server_quality":70.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":55.0,"rate_limit_clarity":80.0,"tls_enforcement":80.0,"auth_strength":75.0,"scope_granularity":40.0,"dependency_hygiene":55.0,"secret_handling":60.0,"security_notes":"Uses Kroger OAuth2 with client credentials and interactive browser authorization for authenticated tools. The README suggests passing CLIENT_ID/CLIENT_SECRET and redirect URI via env/.env, but does not describe token storage, encryption, or log redaction behavior. Rate limits and local cart semantics may affect user expectations, but do not by themselves create a direct security control. TLS enforcement for Kroger calls is not explicitly documented in the provided content (assumed via HTTPS by typical HTTP clients).","uptime_documented":0.0,"version_stability":40.0,"breaking_changes_history":50.0,"error_recovery":35.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Local-only cart tracking: remove_from_cart/clear_current_cart only affect local tracking, not the actual Kroger cart.","Public API appears one-way for cart changes (add works; remove/clear may not propagate to the real cart).","Some actions require OAuth2 and an interactive authorization step; agents may need a user to complete browser auth when prompted.","Rate limits are per Kroger API endpoint/operation type as documented; agents should minimize redundant calls (e.g., prefer bulk add when available)."]}}