{"id":"publicdotcom-publicdotcom-mcp-server","name":"publicdotcom-mcp-server","homepage":null,"repo_url":"https://github.com/PublicDotCom/publicdotcom-mcp-server","category":"ai-ml","subcategories":[],"tags":["mcp","brokerage","trading","stocks","options","crypto","python","stdio","tooling"],"what_it_does":"Provides an MCP (Model Context Protocol) server exposing Public.com brokerage/trading API operations as MCP tools (read-only and write/destructive actions) over stdio for AI assistants.","use_cases":["Get real-time quotes for stocks/options/crypto","Read portfolio holdings, buying power, and open orders","View transaction/order history and specific order status","Preflight/estimate order impact and costs","Place and manage trading orders (single-leg and multi-leg), including cancel/replace"],"not_for":["Making financial decisions without human oversight","Unattended trading without additional safeguards/approvals","Use in environments that cannot safely handle brokerage API credentials"],"best_when":"You need an AI assistant to retrieve brokerage data and optionally perform order actions through a standardized MCP tool interface, with explicit tool-level readOnly/destructive hints.","avoid_when":"You require a web/API gateway interface, strong operational guarantees (e.g., documented idempotency/retry semantics), or you cannot protect secrets and authorize destructive trading operations safely.","alternatives":["Use the Public.com API directly with a custom integration","Use the publicdotcom-py SDK directly in your own service","Build a small MCP wrapper around a REST client for Public.com"],"af_score":56.8,"security_score":53.8,"reliability_score":22.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:22:27.892762+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":true,"sdk_languages":["Python"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["API key/secret via environment variable (PUBLIC_COM_SECRET)"],"oauth":false,"scopes":false,"notes":"Authentication is configured via a required secret (PUBLIC_COM_SECRET). No OAuth and no fine-grained scope model is described in the README."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"README does not describe hosting costs or API usage pricing; Public.com account/API pricing would apply separately."},"requirements":{"requires_signup":true,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":56.8,"security_score":53.8,"reliability_score":22.5,"mcp_server_quality":70.0,"documentation_accuracy":65.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":80.0,"rate_limit_clarity":10.0,"tls_enforcement":70.0,"auth_strength":55.0,"scope_granularity":20.0,"dependency_hygiene":60.0,"secret_handling":65.0,"security_notes":"Secrets are supplied via environment variables (good baseline), but the README does not describe least-privilege scopes, token lifetimes, or explicit protections against logging secrets. Destructive trading tools increase the blast radius if an agent is misconfigured.","uptime_documented":0.0,"version_stability":30.0,"breaking_changes_history":40.0,"error_recovery":20.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Write/destructive tools can place/cancel/replace real orders; require strong guardrails/confirmation flows before calling them.","Stdio MCP integrations can hide HTTP-level status/headers from the agent unless the server maps errors clearly.","Order operations typically are not naturally idempotent; repeated calls can have financial impact unless the implementation explicitly prevents duplicates."]}}