Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"usa-spending-mcp-server-demo": {
"args": [
"-y",
"ANTHROPIC_API_KEY"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
⚠️ DISCLAIMER: This is a proof of concept and is not intended for production use.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y 'ANTHROPIC_API_KEY' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked ANTHROPIC_API_KEY against OSV.dev.
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in finance / data
Zero-dependency, token-efficient database MCP server for Postgres, MySQL, SQL Server, MariaDB, SQLite.
A Model Context Protocol (MCP) server that enables secure interaction with MySQL databases
🔥 Official Firecrawl MCP Server - Adds powerful web scraping and search to Cursor, Claude and any other LLM clients.
Manage Supabase projects — databases, auth, storage, and edge functions
MCP Security Weekly
Get CVE alerts and security updates for Usa Spending Mcp Server DEMO and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
⚠️ DISCLAIMER: This is a proof of concept and is not intended for production use.
An MCP server for interacting with the USAspending.gov API, with optional login.gov authentication for cloud deployment.
uv tool install git+https://github.com/GSA-TTS/usa-spending-mcp-server
git clone https://github.com/GSA-TTS/usa-spending-mcp-server
cd usa-spending-mcp-server
uv sync --dev
The server supports two modes:
| Mode | Command | Use Case |
|---|---|---|
| stdio | usa-spending-mcp-server | Local use with Claude Desktop |
| HTTP | usa-spending-mcp-server-http | Cloud deployment with login.gov auth |
Get the installed tool path:
which usa-spending-mcp-server
Add to your Claude MCP config (~/.claude/claude_desktop_config.json):
{
"mcpServers": {
"usa-spending": {
"command": "/path/to/usa-spending-mcp-server"
}
}
}
The HTTP server uses login.gov OIDC with PKCE for authentication, suitable for cloud.gov deployment.
| Variable | Required | Description |
|---|---|---|
REQUIRE_AUTH | No | Set to "false" to disable auth (default: "true") |
BASE_URL | If auth enabled | Public URL of the server (e.g., https://usa-spending-mcp.app.cloud.gov) |
LOGINGOV_CLIENT_ID | If auth enabled | Your login.gov application client ID |
JWT_SIGNING_KEY | If auth enabled | Secret key for signing JWTs (generate with python -c "import secrets; print(secrets.token_hex(32))") |
LOGINGOV_CONFIG_URL | No | OIDC discovery URL (defaults to login.gov sandbox) |
PORT | No | Server port (default: 8080) |
{BASE_URL}/auth/callbackLOGINGOV_CLIENT_IDWithout authentication (development):
uv run task dev
With authentication:
export BASE_URL=http://localhost:8080
export LOGINGOV_CLIENT_ID=your-client-id
export JWT_SIGNING_KEY=$(python -c "import secrets; print(secrets.token_hex(32))")
uv run task dev-auth
Set environment variables:
cf set-env usa-spending-mcp-server BASE_URL https://usa-spending-mcp.app.cloud.gov
cf set-env usa-spending-mcp-server LOGINGOV_CLIENT_ID your-client-id
cf set-env usa-spending-mcp-server JWT_SIGNING_KEY your-signing-key
Deploy:
cf push
uv run task dev # Run HTTP server without auth
uv run task dev-auth # Run HTTP server with auth
uv run task lint # Check code with ruff
uv run task lint-fix # Fix linting issues
uv run task format # Format code with ruff
uv run task test # Run tests
uv run task test-cov # Run tests with coverage
uv run task ci # Run all CI checks
This project uses ruff for linting and formatting.
For local testing of tool behavior using mcp-evals:
cd evals
npm install
ANTHROPIC_API_KEY=your-key npm run eval
See evals/README.md for details.
src/
usa_spending_mcp_server/
server.py # stdio MCP server (Claude Desktop)
server_http.py # HTTP server with auth (cloud.gov)
auth.py # login.gov OIDC authentication
tests/ # Python unit tests
evals/ # LLM-based evals (optional)
manifest.yml # c
... [View full README on GitHub](https://github.com/GSA-TTS/usa-spending-mcp-server-DEMO#readme)