{"id":"lourencomaciel-sift-gateway","name":"sift-gateway","homepage":"https://pypi.org/project/sift-gateway/","repo_url":"https://github.com/lourencomaciel/sift-gateway","category":"ai-ml","subcategories":[],"tags":["ai-ml","agent-tooling","mcp","cli","gateway","artifacts","json","pagination","security","schema","sqlite"],"what_it_does":"Sift is a reliability gateway that captures JSON outputs from upstream MCP/CLI tools, persists them as SQLite artifacts, redacts secrets on the way back to the model, and returns either inline JSON (`full`) or stable schema-based references (`schema_ref`) for follow-up. It provides explicit pagination continuation until completion and a Python-based artifact querying interface for exact retrieval across one artifact or an entire pagination chain.","use_cases":["MCP tool output reliability for LLM agents (stable schemas, pagination-complete retrieval)","Handling large/JSON-heavy tool results without context stuffing by storing full payloads as artifacts","Secret-safe outbound redaction before returning data to the model","Repeatable analysis over paginated data using code executed against stored artifacts","Agent workflows needing provenance/reproducibility of tool outputs across multi-step runs"],"not_for":["Use as a general-purpose data warehouse or long-term analytics platform (it appears primarily an artifact store for agent/tool runs)","Environments where persistent local SQLite artifacts are disallowed (no evidence of managed remote storage)","When you need a network REST/GraphQL API surface instead of a CLI/MCP integration"],"best_when":"You have MCP/CLI tools that return large or paginated JSON and you want agents to do exact, schema-stable follow-up queries without leaking secrets into model context.","avoid_when":"You cannot store tool outputs locally (SQLite) or cannot comply with data retention policies for those artifacts; also avoid if you need a simple stateless request/response API.","alternatives":["MCP client-side pagination handling with custom cursor logic and prompt-side schema normalization","Local scripts that store tool outputs and run jq/Python without the MCP/CLI gateway layer","Other agent memory/artifact layers that provide retrieval but may not guarantee pagination completion or schema-ref stability"],"af_score":57.0,"security_score":54.5,"reliability_score":28.8,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:36:36.039010+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Upstream login (token storage backend)","Authentication tokens configured via deployment/config (details in docs/SECURITY)"],"oauth":false,"scopes":false,"notes":"The README/manifest mention Google ADC and an OAuth-token storage backend used by `upstream login`, but the external-surface auth mechanism is not fully specified in the provided text (no explicit API-key/OAuth flow details for the gateway itself)."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source package (MIT) distributed via PyPI; no pricing information provided."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":57.0,"security_score":54.5,"reliability_score":28.8,"mcp_server_quality":20.0,"documentation_accuracy":85.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":60.0,"rate_limit_clarity":10.0,"tls_enforcement":30.0,"auth_strength":55.0,"scope_granularity":40.0,"dependency_hygiene":65.0,"secret_handling":85.0,"security_notes":"The README claims outbound secret redaction is enabled by default and that it keeps full payloads out of prompt context; it also references a security policy and an error contract in docs. TLS enforcement and scope granularity are not evidenced in the provided text. Persistent SQLite artifact storage may retain sensitive data, so configuration and retention controls are important.","uptime_documented":0.0,"version_stability":45.0,"breaking_changes_history":30.0,"error_recovery":40.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"explicit-multi-page-contract","retry_guidance_documented":false,"known_agent_gotchas":["Agents must continue pagination explicitly until `pagination.retrieval_status == COMPLETE`; stopping early can yield partial answers.","Be careful to query the correct root path (e.g., `$` vs `metadata.usage.root_path`) to avoid analyzing only a subset of nested results.","Ensure secret redaction/allow-lists align with your policy; storing artifacts increases data retention risk if misconfigured."]}}