{"id":"noot-app-openfoodfacts-mcp-server","name":"openfoodfacts-mcp-server","homepage":null,"repo_url":"https://github.com/noot-app/openfoodfacts-mcp-server","category":"ai-ml","subcategories":[],"tags":["mcp","openfoodfacts","duckdb","parquet","data-query","stdio","http-jsonrpc","go"],"what_it_does":"Provides an MCP server for querying the Open Food Facts product dataset. It downloads/caches a Parquet product database and uses DuckDB for fast search, exposing MCP tools for brand/name lookup and barcode lookup. Supports local STDIO (Claude Desktop) mode without auth and remote HTTP mode with Bearer-token auth (except /health).","use_cases":["Local Claude Desktop integration to search Open Food Facts products by brand and name","Barcode lookups (UPC/EAN) via MCP tools","Running OpenFoodFacts search as an internal/shared MCP service over HTTP JSON-RPC","Building applications that need fast, local analytics-style querying over the Parquet product database via DuckDB"],"not_for":["Public unauthenticated deployment on the open internet","Use as a general OpenFoodFacts API for arbitrary REST-style needs (it’s MCP-focused and limited to described tools)","Scenarios requiring fine-grained per-user authorization/tenancy (auth appears to be a single shared bearer token)"],"best_when":"You want agent-callable, read-only product search over Open Food Facts with local dataset caching (fast queries) or a simple authenticated MCP-as-a-service deployment.","avoid_when":"You need strict security/compliance guarantees around secrets, auditability, or per-tenant access control; or you need publicly accessible endpoints without auth beyond /health.","alternatives":["Other MCP servers or agent tools that wrap Open Food Facts via REST (if available)","Direct DuckDB querying of the Open Food Facts Parquet dataset in your own service","Third-party OpenFoodFacts search APIs (if you require hosted endpoints)"],"af_score":56.8,"security_score":50.5,"reliability_score":17.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T19:52:30.930464+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Bearer token (HTTP mode /mcp endpoint)","No authentication (STDIO mode)"],"oauth":false,"scopes":false,"notes":"HTTP mode requires OPENFOODFACTS_MCP_TOKEN for the /mcp endpoint; /health is unauthenticated. Scopes/granularity are not described, suggesting a single shared token model."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source project; costs are mainly your infrastructure (dataset download/storage, compute for DuckDB queries)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":56.8,"security_score":50.5,"reliability_score":17.5,"mcp_server_quality":85.0,"documentation_accuracy":75.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":65.0,"rate_limit_clarity":10.0,"tls_enforcement":70.0,"auth_strength":55.0,"scope_granularity":20.0,"dependency_hygiene":45.0,"secret_handling":60.0,"security_notes":"Uses Bearer token auth for the HTTP JSON-RPC MCP endpoint and states /health is unauthenticated. No evidence in provided README of per-user scopes, audit logs, or rate-limit controls. TLS requirements are not explicitly documented; for remote deployment, assume HTTPS should be configured at the server/proxy level. Secret handling is not described beyond an environment variable token, with no further details on logging/redaction.","uptime_documented":0.0,"version_stability":20.0,"breaking_changes_history":20.0,"error_recovery":30.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Remote HTTP mode uses a single bearer token; agents must pass it reliably for /mcp calls.","STDIO mode has no auth but relies on local environment configuration (e.g., DATA_DIR, OPENFOODFACTS_MCP_TOKEN in the Claude Desktop config example).","Tool outputs may include many fields vs the simplified search tool; agents should choose the simplified tool to reduce response size/token usage."]}}