{"id":"milocreditplatform-loanpro-mcp-server","name":"loanpro-mcp-server","homepage":null,"repo_url":"https://github.com/MiloCreditPlatform/loanpro-mcp-server","category":"api-gateway","subcategories":[],"tags":["mcp","loanpro","go","json-rpc","stdio","sse","http","read-only","financial-data","tools"],"what_it_does":"LoanPro MCP server (Go) that implements MCP tooling for read-only access to LoanPro loan and customer data, exposing tools over HTTP (JSON-RPC at /mcp), SSE, and stdio transports.","use_cases":["Agent-assisted retrieval of loan details by ID","Searching loans and customers by filters/search terms","Fetching loan payment history and transaction history for reporting/analysis","Integrating LoanPro read-only data into MCP-capable clients (e.g., Claude Desktop)"],"not_for":["Performing any write operations (server is described as read-only)","Production use without securing transport/auth and network access controls","Handling sensitive personal data in multi-tenant or public contexts without strong governance"],"best_when":"Used internally by trusted users/agents to read loan/customer data from a configured LoanPro instance over a protected network, leveraging MCP clients via stdio or HTTP.","avoid_when":"Exposed to the public internet without authentication/authorization controls, or used where compliance requirements demand stronger audit/access controls than described.","alternatives":["Direct integration with LoanPro APIs (without MCP)","Self-hosted MCP server wrappers around LoanPro APIs with stricter auth proxies","Using a managed data access layer/API gateway that enforces auth, logging, and rate limiting"],"af_score":61.2,"security_score":44.8,"reliability_score":28.8,"package_type":"mcp_server","discovery_source":["github"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T19:51:42.637362+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["API key via LOANPRO_API_KEY (configured in .env)"],"oauth":false,"scopes":false,"notes":"README describes only LoanPro credentials via environment variables. No explicit end-user authentication/authorization for the MCP server endpoints is documented."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source (MIT) repository; no hosted pricing described."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":61.2,"security_score":44.8,"reliability_score":28.8,"mcp_server_quality":85.0,"documentation_accuracy":80.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":80.0,"rate_limit_clarity":5.0,"tls_enforcement":70.0,"auth_strength":35.0,"scope_granularity":20.0,"dependency_hygiene":40.0,"secret_handling":60.0,"security_notes":"TLS enforcement is not explicitly stated for the MCP server. The server likely uses HTTPS to reach LoanPro (via LOANPRO_API_URL) but client-facing transport security/auth are not detailed. Authentication appears to be only for upstream LoanPro (API key/tenant id) and not for inbound access to the MCP server. README mentions configurable logging and debug mode; care is needed to ensure request/response bodies and headers do not leak secrets in DEBUG logs. No information provided about dependency scanning, pinned versions, or CVE status.","uptime_documented":0.0,"version_stability":40.0,"breaking_changes_history":30.0,"error_recovery":45.0,"idempotency_support":"false","idempotency_notes":"Read-only tool calls are likely safe, but MCP/HTTP idempotency semantics and server guidance are not documented.","pagination_style":"limit-based","retry_guidance_documented":false,"known_agent_gotchas":["No explicit rate-limit headers or retry/backoff guidance described.","No explicit server-side authentication/authorization documented for /mcp; agents should not expose the service publicly.","Search endpoints use a default limit of 10; tools/call results may be truncated unless limit is provided."]}}