{"passport":{"unfragile":{"@version":"1.0","version":"2026-05","artifact":{"id":"npm_npm-mcp-remote","slug":"npm-mcp-remote","name":"mcp-remote","type":"mcp","url":"https://www.npmjs.com/package/mcp-remote","page_url":"https://unfragile.ai/npm-mcp-remote","categories":["mcp-servers"],"tags":["mcp","stdio","sse","remote","oauth"],"pricing":{"model":"open_source","free":true,"starting_price":null},"status":"active","verified":false},"capabilities":[{"id":"npm_npm-mcp-remote__cap_0","uri":"capability://tool.use.integration.oauth.authenticated.remote.mcp.server.proxying","name":"oauth-authenticated remote mcp server proxying","description":"Enables local-only MCP clients (like Claude Desktop) to securely connect to remote MCP servers by acting as an authentication-aware proxy that handles OAuth token negotiation and refresh. The proxy intercepts client connections, manages OAuth flows transparently, and forwards authenticated requests to the remote server without exposing credentials to the client, using a token-based session model.","intents":["Connect a local Claude Desktop instance to an MCP server running on a remote machine without exposing the server directly to the internet","Use MCP tools from a cloud-hosted server while keeping the client air-gapped or behind a firewall","Delegate authentication responsibility to an OAuth provider rather than managing API keys in client configuration","Share a single remote MCP server across multiple local clients with per-user OAuth credentials"],"best_for":["Teams running MCP servers in cloud environments (AWS, GCP, Azure) with local development clients","Organizations requiring OAuth-based access control to MCP resources","Developers building multi-tenant MCP deployments where clients need isolated authentication"],"limitations":["Adds network round-trip latency for every MCP request (typically 50-200ms depending on network conditions)","OAuth token refresh adds blocking I/O during token expiration — no async token refresh mechanism documented","Requires OAuth provider configuration upstream — no built-in identity provider, only proxy layer","Single proxy instance becomes a bottleneck; horizontal scaling requires load balancer and shared session store"],"requires":["Node.js 16+ (typical for npm packages)","OAuth provider with client credentials (e.g., GitHub, Google, custom OIDC server)","Remote MCP server accessible over network (HTTP/HTTPS or stdio-over-network)","Client supporting MCP protocol (Claude Desktop, custom MCP client, etc.)"],"input_types":["MCP protocol messages (JSON-RPC over stdio or SSE)","OAuth authorization codes and refresh tokens","MCP server connection parameters (URL, authentication method)"],"output_types":["Authenticated MCP protocol responses","OAuth access tokens (cached in session)","Proxied tool/resource responses from remote server"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-mcp-remote__cap_1","uri":"capability://tool.use.integration.dual.transport.mcp.protocol.bridging.stdio.sse","name":"dual-transport mcp protocol bridging (stdio ↔ sse)","description":"Translates between stdio-based MCP connections (used by local clients like Claude Desktop) and SSE (Server-Sent Events) or HTTP-based remote connections, allowing clients designed for subprocess communication to transparently communicate with remote servers over HTTP. The proxy maintains separate transport state machines for each side and marshals MCP JSON-RPC messages between them.","intents":["Connect a stdio-only MCP client to an HTTP-based remote MCP server without modifying the client","Expose a local stdio MCP server to remote clients over HTTP/SSE without rewriting the server","Bridge between different MCP transport implementations (e.g., Anthropic's stdio standard vs custom HTTP servers)"],"best_for":["Developers integrating legacy stdio-based MCP servers with modern HTTP-based infrastructure","Teams needing to expose local MCP tools to remote clients without rewriting either side","MCP ecosystem projects standardizing on HTTP while maintaining backward compatibility with stdio clients"],"limitations":["SSE is unidirectional (server → client); bidirectional communication requires polling or WebSocket upgrade (not mentioned in docs)","Stdio buffering and message framing differences may cause edge cases with large payloads or rapid message sequences","No built-in message compression — large context payloads over HTTP incur full bandwidth cost","Transport abstraction adds ~10-50ms per message due to serialization/deserialization overhead"],"requires":["Node.js with stream/events API support","MCP client supporting stdio transport (e.g., Claude Desktop)","Remote MCP server exposing HTTP/SSE endpoint","Network connectivity between proxy and remote server"],"input_types":["MCP JSON-RPC messages via stdio (newline-delimited JSON)","HTTP SSE streams from remote server","MCP protocol initialization handshakes"],"output_types":["MCP JSON-RPC messages via stdio","HTTP SSE event streams","Proxied tool responses and resource listings"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-mcp-remote__cap_2","uri":"capability://safety.moderation.session.based.oauth.token.lifecycle.management","name":"session-based oauth token lifecycle management","description":"Manages OAuth token acquisition, storage, and refresh within a session context, allowing the proxy to maintain authenticated state across multiple MCP requests without requiring the client to handle token management. Implements token caching with expiration tracking and automatic refresh before expiry, using a session identifier to correlate tokens with specific client connections.","intents":["Automatically refresh OAuth tokens before they expire so client requests don't fail mid-session","Cache OAuth tokens in memory to avoid re-authenticating on every MCP request","Isolate OAuth credentials per client session so multiple concurrent clients don't share tokens","Transparently handle OAuth provider token expiration without client-side retry logic"],"best_for":["Multi-user MCP deployments where each client needs isolated OAuth credentials","Long-running MCP sessions where token refresh is inevitable","Teams using OAuth providers with short token lifetimes (< 1 hour)"],"limitations":["In-memory token storage is lost on proxy restart — no persistence layer documented","No distributed session store — token cache is local to proxy instance, breaks horizontal scaling","Token refresh is synchronous and blocking — concurrent requests during refresh may queue or timeout","No token revocation mechanism — expired or compromised tokens remain in cache until natural expiry","Assumes OAuth provider supports refresh tokens; some providers (e.g., implicit grant) don't support refresh"],"requires":["OAuth provider supporting refresh token grant (e.g., authorization code flow with refresh token)","Client credentials (client_id, client_secret) for OAuth provider","Session identifier mechanism (cookie, header, or URL parameter) to correlate tokens with clients"],"input_types":["OAuth authorization code (from initial authentication)","OAuth refresh token (from provider)","Session identifier (from client)"],"output_types":["OAuth access token (cached in session)","Token expiration timestamp","Authenticated MCP request headers"],"categories":["safety-moderation","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-mcp-remote__cap_3","uri":"capability://tool.use.integration.mcp.server.discovery.and.connection.pooling","name":"mcp server discovery and connection pooling","description":"Maintains a registry of available remote MCP servers and manages connection state for each, allowing clients to discover and connect to multiple servers through a single proxy endpoint. Implements connection pooling to reuse established connections and avoid repeated handshakes, with health checking to detect and recover from stale connections.","intents":["Discover available MCP servers from a central registry without hardcoding server URLs in client config","Connect to multiple remote MCP servers through a single proxy endpoint","Reuse TCP/HTTP connections to remote servers to reduce latency and resource usage","Automatically reconnect to a remote server if the connection drops mid-session"],"best_for":["Multi-server MCP deployments where clients need dynamic server discovery","High-throughput MCP proxies where connection reuse significantly reduces overhead","Teams running MCP servers in Kubernetes or other dynamic infrastructure where server addresses change"],"limitations":["Connection pool size is fixed at startup — no dynamic scaling based on load","Health checks add periodic network traffic; too-frequent checks waste bandwidth, too-infrequent checks miss failures","No load balancing across multiple instances of the same server — pool connects to a single endpoint","Server discovery mechanism not documented — unclear if it supports service discovery (DNS, Consul, Kubernetes API) or static config"],"requires":["Remote MCP servers with stable network addresses (or service discovery integration)","Connection pool configuration (pool size, timeout, health check interval)","Network connectivity from proxy to all remote servers"],"input_types":["Server registry (static config or dynamic discovery source)","Client connection requests with server identifier","Health check responses from remote servers"],"output_types":["Pooled connection to remote server","Server availability status","Connection metrics (latency, error rate)"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-mcp-remote__cap_4","uri":"capability://tool.use.integration.client.to.server.request.routing.with.context.preservation","name":"client-to-server request routing with context preservation","description":"Routes MCP requests from local clients to the appropriate remote server while preserving request context (OAuth tokens, session IDs, request metadata). Implements request/response correlation to match responses to requests even when multiple requests are in flight, and handles request timeouts and error propagation back to the client.","intents":["Forward MCP tool calls from a local client to a remote server and return results without losing context","Handle multiple concurrent requests from the same client without mixing up responses","Propagate errors from remote servers back to clients with full error context","Implement request timeouts to prevent hanging requests from blocking the proxy"],"best_for":["High-concurrency MCP proxies handling multiple simultaneous client requests","Deployments requiring detailed request tracing and debugging","Teams needing to implement custom routing logic (e.g., round-robin across multiple servers)"],"limitations":["Request correlation adds memory overhead — each in-flight request consumes memory for context tracking","Timeout handling is synchronous — no async timeout cancellation, may leave orphaned requests on remote server","Error propagation is best-effort — some network errors may not propagate cleanly back to client","No built-in request deduplication — duplicate requests from client are forwarded twice to remote server"],"requires":["Request/response correlation mechanism (e.g., JSON-RPC id field)","Timeout configuration (per-request or global)","Error handling strategy (retry, fail-fast, circuit breaker)"],"input_types":["MCP JSON-RPC request from client (with method, params, id)","OAuth token and session context","Request metadata (timestamp, client IP, etc.)"],"output_types":["MCP JSON-RPC response from remote server (with result or error)","Error responses with context (timeout, network error, server error)","Request metrics (latency, success/failure rate)"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-mcp-remote__cap_5","uri":"capability://safety.moderation.transparent.client.authentication.abstraction","name":"transparent client authentication abstraction","description":"Abstracts away OAuth authentication details from the MCP client, making the proxy appear as a local MCP server that requires no authentication. Handles the OAuth flow (authorization code exchange, token refresh) transparently, so clients designed for local-only operation work unmodified against remote servers. Implements credential injection into outbound requests to remote servers.","intents":["Use an unmodified MCP client (e.g., Claude Desktop) against a remote OAuth-protected server","Hide OAuth complexity from client developers so they focus on MCP protocol, not authentication","Support multiple authentication schemes (OAuth, API key, mTLS) without changing client code","Enforce authentication policy at the proxy boundary rather than in individual servers"],"best_for":["Organizations deploying MCP to non-technical users who shouldn't manage OAuth tokens","Teams standardizing on a single authentication mechanism across multiple MCP servers","Developers building MCP clients that should work with both local and remote servers transparently"],"limitations":["Abstraction hides authentication details, making debugging harder when auth fails","Proxy becomes a single point of failure for authentication — if proxy is compromised, all clients are compromised","No per-request authentication override — all requests use the same OAuth token","Client has no visibility into token expiration or authentication status"],"requires":["OAuth provider configuration (client_id, client_secret, token endpoint)","MCP client supporting the proxy's connection protocol (stdio or HTTP/SSE)","Mechanism to obtain initial authorization code (e.g., browser redirect, CLI prompt)"],"input_types":["MCP requests from client (no authentication headers)","OAuth authorization code (from initial setup)","Remote server URL and authentication requirements"],"output_types":["MCP responses to client (transparently authenticated)","Authenticated requests to remote server (with OAuth token in headers or body)"],"categories":["safety-moderation","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0}],"trust":{"score":29,"verified":false,"data_access_risk":"high","permissions":["Node.js 16+ (typical for npm packages)","OAuth provider with client credentials (e.g., GitHub, Google, custom OIDC server)","Remote MCP server accessible over network (HTTP/HTTPS or stdio-over-network)","Client supporting MCP protocol (Claude Desktop, custom MCP client, etc.)","Node.js with stream/events API support","MCP client supporting stdio transport (e.g., Claude Desktop)","Remote MCP server exposing HTTP/SSE endpoint","Network connectivity between proxy and remote server","OAuth provider supporting refresh token grant (e.g., authorization code flow with refresh token)","Client credentials (client_id, client_secret) for OAuth provider"],"failure_modes":["Adds network round-trip latency for every MCP request (typically 50-200ms depending on network conditions)","OAuth token refresh adds blocking I/O during token expiration — no async token refresh mechanism documented","Requires OAuth provider configuration upstream — no built-in identity provider, only proxy layer","Single proxy instance becomes a bottleneck; horizontal scaling requires load balancer and shared session store","SSE is unidirectional (server → client); bidirectional communication requires polling or WebSocket upgrade (not mentioned in docs)","Stdio buffering and message framing differences may cause edge cases with large payloads or rapid message sequences","No built-in message compression — large context payloads over HTTP incur full bandwidth cost","Transport abstraction adds ~10-50ms per message due to serialization/deserialization overhead","In-memory token storage is lost on proxy restart — no persistence layer documented","No distributed session store — token cache is local to proxy instance, breaks horizontal scaling","builder identity is not verified yet","no observed match outcomes yet"],"rank_breakdown":{"adoption":0.05,"quality":0.37,"ecosystem":0.45,"match_graph":0.25,"freshness":0.52,"weights":{"adoption":0.25,"quality":0.25,"ecosystem":0.15,"match_graph":0.23,"freshness":0.12}},"observed_outcomes":{"matches":0,"success_rate":0,"avg_confidence":0,"top_intents":[],"last_matched_at":null},"maintenance":{"status":"active","updated_at":"2026-05-24T12:16:23.903Z","last_scraped_at":"2026-05-03T14:23:52.160Z","last_commit":null},"community":{"stars":null,"forks":null,"weekly_downloads":null,"model_downloads":null,"model_likes":null}},"distribution":{"claim_url":"https://unfragile.ai/submit?claim=npm-mcp-remote","compare_url":"https://unfragile.ai/compare?artifact=npm-mcp-remote"}},"signature":"skujUcVhgPshyvk+c6pndx5EEV6bqM4QuVJ2i/0R0VHJHTSyTwxW2w98MSVnYSDzlfSkczorCmhIXo5Uf3Q6Dw==","signedAt":"2026-06-21T17:26:19.111Z","signedBy":"unfragile.ai","version":1},"_links":{"self":"https://unfragile.ai/api/v1/passport/npm-mcp-remote","artifact":"https://unfragile.ai/npm-mcp-remote","verify":"https://unfragile.ai/api/v1/verify?slug=npm-mcp-remote","publicKey":"https://unfragile.ai/api/v1/trust-passport-public-key","spec":"https://unfragile.ai/trust","schema":"https://unfragile.ai/schema.json","docs":"https://unfragile.ai/docs"}}