{"id":"universal-tool-calling-protocol-go-utcp","name":"go-utcp","homepage":"https://www.utcp.io/","repo_url":"https://github.com/universal-tool-calling-protocol/go-utcp","category":"ai-ml","subcategories":[],"tags":["golang","ai","ai-agent","ai-agent-tools","developer-tools","llm","mcp","utcp","model-context-protocol"],"what_it_does":"go-utcp is a Go implementation of the Universal Tool Calling Protocol (UTCP) that lets clients discover and call tools through multiple transport types (e.g., HTTP, WebSocket, gRPC, GraphQL, TCP/UDP, CLI, SSE/streaming HTTP) and provides utilities like environment-variable substitution (.env) and an OpenAPI-to-manual converter.","use_cases":["Tool discovery and tool invocation across heterogeneous backends using a unified interface","Building agent toolchains in Go with multiple provider/transport options","Converting OpenAPI definitions into UTCP manuals for tool publishing","Running LLM-assisted workflows via UTCP, including a Yaegi-based code execution plugin (CodeMode)"],"not_for":["Hosting sensitive systems where arbitrary code execution by an LLM is unacceptable (CodeMode)","Services that require strict, documented transport security guarantees without reviewing the implementations","Teams needing a managed SaaS with SLAs, pricing tiers, and hosted reliability guarantees"],"best_when":"You want a self-hosted Go library to standardize tool calling across multiple protocols/providers and you can review/secure the underlying transports and any plugin execution paths.","avoid_when":"You cannot audit transport security/auth behavior or you are not prepared to mitigate risks around executing LLM-supplied code (if using CodeMode).","alternatives":["Model Context Protocol (MCP) implementations and servers","Direct custom integrations per protocol (HTTP/WebSocket/gRPC) without a unifying tool-calling layer","Other tool-calling frameworks/libraries in the Go ecosystem"],"af_score":44.0,"security_score":36.8,"reliability_score":26.2,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:46:45.179301+00:00","interface":{"has_rest_api":false,"has_graphql":true,"has_grpc":true,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":true,"sdk_languages":["Go"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":[],"oauth":false,"scopes":false,"notes":"The README does not specify a built-in authentication scheme. It describes transports/providers, but auth method details (API keys/OAuth, headers, scopes) are not documented in the provided content."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source library; no pricing information is provided in the supplied README/metadata."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":44.0,"security_score":36.8,"reliability_score":26.2,"mcp_server_quality":0.0,"documentation_accuracy":60.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":50.0,"rate_limit_clarity":0.0,"tls_enforcement":40.0,"auth_strength":30.0,"scope_granularity":20.0,"dependency_hygiene":35.0,"secret_handling":60.0,"security_notes":"README mentions env-var substitution via UtcpDotEnv but does not describe how secrets are stored, masked, or logged. Auth, TLS enforcement behavior, and scope/granularity for the various transports/providers are not documented in the provided content. If CodeMode is used, LLM-driven code execution (even via Yaegi sandbox) should be treated as a high-risk capability requiring careful review.","uptime_documented":0.0,"version_stability":50.0,"breaking_changes_history":20.0,"error_recovery":35.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"limit","retry_guidance_documented":false,"known_agent_gotchas":["README does not document standard retry/idempotency semantics for CallTool/SearchTools; agents should be cautious with repeated tool calls.","If using the CodeMode plugin, LLM-driven execution increases risk; ensure sandboxing and strict input controls beyond what is stated in README."]}}