Is Clickup MCP Server safe to use?

Clickup MCP Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Clickup MCP Server?

Clickup MCP Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Clickup MCP Server do?

Clickup MCP Server provides 37 tools: clickup_whoami, clickup_get_spaces, clickup_get_folders, clickup_get_lists, clickup_get_list and 32 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Clickup MCP Server?

Clickup MCP Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is Clickup MCP Server actively maintained?

Clickup MCP Server is less actively maintained — last commit was 115 days ago. It has 3 GitHub stars.

Clickup MCP Server

@cavort-it-systems/clickup-mcp

Lightweight ClickUp MCP server - 37 tools, token-optimized (95% smaller responses)

3 62/wk 37 tools GitHub npm

No known CVEs

No license

Maintained

Last commit 115d ago

Works with most clients

Transport: stdio, sse, http

37 tools · ~906 tok

Grade B · 0.5% of 200K ctx

Edit this pageView history

Productivity

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "clickup": {
      "env": {
        "CLICKUP_API_TOKEN": "your-token"
      },
      "args": [
        "@cavort-it-systems/clickup-mcp"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-cvrt-jh-clickup-mcp)](https://mcppedia.org/s/io-github-cvrt-jh-clickup-mcp)

Read me

What Clickup MCP Server does

Lightweight ClickUp MCP server - 37 tools, token-optimized (95% smaller responses)

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@cavort-it-systems/clickup-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

75/100across 5 weighted dimensions

How we score →

0255075100

−25

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked @cavort-it-systems/clickup-mcp against OSV.dev.

Inventory

Tools (37)

Click any tool to inspect its schema.

~906 tokens total

Help improve this page

This server is missing a description.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Clickup MCP Server safe to use?: Clickup MCP Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Clickup MCP Server?: Clickup MCP Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Clickup MCP Server do?: Clickup MCP Server provides 37 tools: clickup_whoami, clickup_get_spaces, clickup_get_folders, clickup_get_lists, clickup_get_list and 32 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Clickup MCP Server?: Clickup MCP Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Clickup MCP Server actively maintained?: Clickup MCP Server is less actively maintained — last commit was 115 days ago. It has 3 GitHub stars.

Similar servers

Others in productivity

View all →

Memory MCP Server98

Persistent memory using a knowledge graph

86.4k 5

Sequential Thinking MCP Server98

Dynamic problem-solving through sequential thought chains

86.4k 1

Qmd95

mini cli search engine for your docs, knowledge bases, meeting notes, whatever. Tracking current sota approaches while being all local

25.8k 4

io.github.miroapp/mcp-server95

Official Miro MCP server - Supports context to code and creating diagrams, docs, and data tables.

111 7

MCP Security Weekly

Get CVE alerts and security updates for Clickup MCP Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Productivity

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "clickup": {
      "env": {
        "CLICKUP_API_TOKEN": "your-token"
      },
      "args": [
        "@cavort-it-systems/clickup-mcp"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-cvrt-jh-clickup-mcp)](https://mcppedia.org/s/io-github-cvrt-jh-clickup-mcp)

Read me

What Clickup MCP Server does

Lightweight ClickUp MCP server - 37 tools, token-optimized (95% smaller responses)

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@cavort-it-systems/clickup-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

clickup-mcp

Lightweight ClickUp MCP server focused on task management. 37 tools with token-optimized responses — API responses automatically slimmed from thousands of characters to essentials.

Why This Server?

ClickUp's API returns extremely verbose JSON. This server strips it down:

Response	Before	After	Reduction
`clickup_whoami`	~3,500 chars	~160 chars	95%
`clickup_create_comment`	~1,500 chars	~38 chars	97%

Less tokens = faster responses, lower costs, more context for your AI.

Installation

npm install -g @cavort-it-systems/clickup-mcp

Or run directly:

npx @cavort-it-systems/clickup-mcp

Configuration

Claude Code CLI

claude mcp add clickup -e CLICKUP_API_TOKEN=your-token -- npx @cavort-it-systems/clickup-mcp

Claude Desktop / Manual

Add to your MCP config (~/.claude.json or Claude Desktop settings):

{
  "mcpServers": {
    "clickup": {
      "command": "npx",
      "args": ["@cavort-it-systems/clickup-mcp"],
      "env": {
        "CLICKUP_API_TOKEN": "your-token"
      }
    }
  }
}

From Source

git clone https://github.com/cvrt-jh/clickup-mcp.git
cd clickup-mcp
npm install && npm run build

Then configure with the built path:

claude mcp add clickup -e CLICKUP_API_TOKEN=your-token -- node /path/to/clickup-mcp/build/index.js

Get Your API Token

Go to ClickUp Settings > Apps
Generate a Personal API Token
Set as CLICKUP_API_TOKEN

Response Slimming

All responses are automatically trimmed to save tokens. The ClickUp API returns extremely verbose JSON — this server strips it down to what matters.

clickup_whoami — from ~3,500 chars to ~160:

// Before (ClickUp API raw)
{"user":{"id":12345678,"username":"Jane Doe","email":"jane@example.com","color":"#0388d1",
"profilePicture":"https://attachments.clickup.com/...","initials":"JD",
"week_start_day":1,"global_font_support":true,"timezone":"Europe/Berlin"},
"teams":{"teams":[{"id":"99999999","name":"My Workspace","color":"#40BC86",
"avatar":"https://attachments2.clickup.com/...?Expires=...&Key-Pair-Id=...&Signature=...",
"members":[{"user":{"id":11111111,"username":"Bob Smith","email":"bob@example.com",
"color":"#aa2fff","profilePicture":null,"initials":"BS","role":4,"role_subtype":2,
"role_key":"guest","custom_role":null,"last_active":"...","date_joined":"...",
"date_invited":"..."},"invited_by":{"id":22222222,...},
"can_see_time_spent":true,...}, ...]}]}}

// After (slimmed)
{"id":12345678,"username":"Jane Doe","email":"jane@example.com",
"timezone":"Europe/Berlin","workspaces":[{"id":"99999999",
"name":"My Workspace","member_count":4}]}

clickup_create_comment — from ~1,500 chars to 38:

// Before
{"id":90150191300876,"hist_id":"...","date":1770053982842,
"version":{"object_type":"comment","object_id":"...","workspace_id":99999999,
"operation":"c","data":{"context":{"root_parent_type":1,"is_chat":false,
"audit_context":{"userid":12345678,"current_time":...,"route":"*"},...},...},...}}

// After
{"id":90150191300876,"date":1770053982842}

What gets stripped:

Field	Where	Why
`features{}`	spaces	~50 lines of boolean flags per space
`sharing{}`, `permission_level`	tasks	Internal access config, not useful
`watchers[]`	tasks	Usually same as assignees
Full user objects	everywhere	Reduced to `{id, username, email}`
`profilePicture`, `initials`, `color`	users	Visual metadata, not useful for LLMs
`version{}` blobs	comme

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

75/100across 5 weighted dimensions

How we score →

0255075100

−25

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked @cavort-it-systems/clickup-mcp against OSV.dev.

Inventory

Tools (37)

Click any tool to inspect its schema.

~906 tokens total

Help improve this page

This server is missing a description.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Clickup MCP Server safe to use?: Clickup MCP Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Clickup MCP Server?: Clickup MCP Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Clickup MCP Server do?: Clickup MCP Server provides 37 tools: clickup_whoami, clickup_get_spaces, clickup_get_folders, clickup_get_lists, clickup_get_list and 32 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Clickup MCP Server?: Clickup MCP Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Clickup MCP Server actively maintained?: Clickup MCP Server is less actively maintained — last commit was 115 days ago. It has 3 GitHub stars.