{"id":"speakeasy-api-gram","name":"gram","homepage":"https://www.speakeasy.com/product/mcp-platform","repo_url":"https://github.com/speakeasy-api/gram","category":"ai-ml","subcategories":[],"tags":["mcp","mcp-server","mcp-gateway","mcp-tools","typescript","openapi","oauth","cli","ai-sdk","control-plane"],"what_it_does":"Gram is an MCP Cloud Platform and TypeScript framework for creating, curating, and hosting Model Context Protocol (MCP) servers. It supports defining tools via OpenAPI documents and via custom TypeScript “Gram Functions,” and provides a CLI and hosted control plane (gram app) for managing MCP servers/tool sources, including OAuth support.","use_cases":["Host MCP servers for an organization at custom domains","Expose internal or third-party APIs to LLMs/agents through MCP tools","Create MCP tools from OpenAPI specs or TypeScript functions","Compose higher-order tools and group tools into toolsets","Manage and secure MCP servers centrally via a control plane","Integrate agent workflows with automation platforms like Zapier/n8n (as MCP-backed tools)"],"not_for":["Teams needing only local/offline MCP tooling with no hosted control plane","Use cases requiring well-specified REST/GraphQL APIs for programmatic management beyond the described CLI (details not provided in the README)","Organizations that cannot adopt OAuth flows or do not want hosted authentication/authorization integration"],"best_when":"You want to publish MCP toolsets quickly from OpenAPI or TypeScript and centrally manage/secure MCP server hosting for multiple teams or applications.","avoid_when":"You require documented, machine-readable REST API contracts (OpenAPI spec URLs for management endpoints) and clearly stated operational guarantees (SLA, retry/idempotency semantics) that are not provided in the available README content.","alternatives":["Build and host MCP servers directly yourself (no control plane) using MCP-compatible server frameworks","Use open-source MCP gateway/proxy solutions and manage tooling privately","Generate tool endpoints from OpenAPI directly into your own MCP tool server layer","Other MCP hosting/control-plane offerings (not identified from provided content)"],"af_score":54.8,"security_score":57.0,"reliability_score":18.8,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:36:48.871758+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":"https://app.getgram.ai/openapi.yaml is referenced as a spec host; MCP server hosting is described but the exact MCP base URLs/endpoints are not specified in the README","has_sdk":true,"sdk_languages":["TypeScript"],"openapi_spec_url":"http://app.getgram.ai/openapi.yaml","webhooks":false},"auth":{"methods":["OAuth (described as OAuth support out-of-the-box; includes DCR, BYO authorization, and standard flows)","Gram CLI authentication (gram auth described, but token method/format not specified)"],"oauth":true,"scopes":false,"notes":"The README states OAuth support is available (DCR, BYO authorization, standard flows) but does not document concrete scope granularity, token types, or exact auth endpoints/parameters."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Billing tooling is mentioned (Polar) but no pricing tiers, free tier, or cost estimates are provided in the supplied README content."},"requirements":{"requires_signup":true,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":54.8,"security_score":57.0,"reliability_score":18.8,"mcp_server_quality":75.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":70.0,"rate_limit_clarity":20.0,"tls_enforcement":80.0,"auth_strength":70.0,"scope_granularity":30.0,"dependency_hygiene":50.0,"secret_handling":50.0,"security_notes":"Security posture is partially supported by stated OAuth support and hosted secure MCP server hosting, but the provided content does not describe TLS requirements explicitly, token storage/logging practices, scope granularity, or operational security controls. Dependency hygiene and CVE status are not assessable from the provided README/manifest snippet.","uptime_documented":0.0,"version_stability":45.0,"breaking_changes_history":0.0,"error_recovery":30.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Hosted MCP server management is described at a high level; without the detailed CLI/API docs, agents may need manual steps to handle auth token lifecycle and operational error cases.","Tool definitions can be derived from OpenAPI or TypeScript; schema validation/input contracts are important (zod used in example) but detailed runtime error conventions are not provided here."]}}