Command Palette

Search for a command to run...

UnylyUnyly
Browse all

Safetrade

FreeNot checked

Docs-driven MCP server for SafeTrade REST API with a generic client that reads OpenAPI specs, validates requests, signs private calls, and blocks dangerous oper

GitHubEmbed

About

Docs-driven MCP server for SafeTrade REST API with a generic client that reads OpenAPI specs, validates requests, signs private calls, and blocks dangerous operations like withdrawals by default.

README

Docs-driven Model Context Protocol server for the SafeTrade REST API.

This MCP is intentionally not a one-tool-per-endpoint wrapper. It gives agents a small generic client that reads SafeTrade's OpenAPI docs, validates requests against those docs by default, signs private calls internally, and keeps API secrets out of prompts and command lines.

Tools

safetrade_openapi

Inspect the SafeTrade OpenAPI spec cached by the MCP.

Arguments:

  • path optional API path, such as /trade/public/tickers or /trade/account/members/me
  • method optional HTTP method when path is supplied

Use this first to discover paths, methods, query parameters, body schemas, and response shapes.

safetrade_request

Execute a generic SafeTrade REST request.

Arguments:

  • method: GET, POST, PUT, PATCH, or DELETE; default GET
  • path: relative SafeTrade API path starting with /
  • query: object of query parameters
  • body: JSON body for non-GET requests
  • auth: auto, none, or required; default auto
  • validate: validate method/path against OpenAPI before sending; default true
  • timeoutMs: request timeout; default 15000, max 60000
  • confirmDangerous: must be ALLOW_WITHDRAW for withdraw mutations when withdraws are enabled

Safety model

  • Credentials are read from environment variables or a local key file.
  • Credentials are never returned in tool output.
  • Key files must not be group/world readable. Mode 600 is required.
  • Withdraw mutation endpoints are blocked by default.
  • To allow withdraw mutations, both conditions are required:
    • environment variable SAFETRADE_ALLOW_WITHDRAW=true
    • request argument confirmDangerous: "ALLOW_WITHDRAW"

For normal agent use, create a SafeTrade API key without withdraw permission and IP-lock it at SafeTrade.

Secrets

Preferred key file:

{
  "apiKey": "...",
  "apiSecret": "..."
}

Default path:

~/.config/opencode/keys/safetrade.json

Permissions:

chmod 600 ~/.config/opencode/keys/safetrade.json

Environment variables are also supported:

SAFETRADE_API_KEY=...
SAFETRADE_API_SECRET=...

Install

bun install

Run

bun run index.ts

Self-test:

bun run index.ts --self-test

The self-test checks:

  • OpenAPI lookup works
  • live public /trade/public/tickers request returns HTTP 200
  • withdraw mutation guard blocks before request

If credentials are configured, MCP clients can also call private endpoints such as /trade/account/members/me through safetrade_request.

OMP MCP config example

{
  "mcpServers": {
    "safetrade": {
      "type": "stdio",
      "command": "/home/cachybtw/.bun/bin/bun",
      "args": [
        "run",
        "/home/cachybtw/.config/opencode/mcp/safetrade-mcp/index.ts"
      ],
      "env": {
        "PATH": "/home/cachybtw/.local/bin:/home/cachybtw/.bun/bin:/usr/local/bin:/usr/bin:/bin",
        "SAFETRADE_KEYS_FILE": "/home/cachybtw/.config/opencode/keys/safetrade.json"
      },
      "enabled": true
    }
  }
}

Auth details

The signing implementation follows SafeTrade's official example client:

  • header X-Auth-Apikey: API key
  • header X-Auth-Nonce: millisecond timestamp
  • header X-Auth-Signature: HMAC_SHA256(apiSecret, nonce + apiKey) as lowercase hex

License

MIT

from github.com/NikkeTryHard/safetrade-mcp

Install Safetrade in Claude Desktop, Claude Code & Cursor

Recommended · one command, every IDE
unyly install safetrade-mcp

Installs into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.

First time? Get the CLI: curl -fsSL https://unyly.org/install | sh

Or configure manually

Run in your terminal:

claude mcp add safetrade-mcp -- npx -y github:NikkeTryHard/safetrade-mcp

FAQ

Is Safetrade MCP free?

Yes, Safetrade MCP is free — one-click install via Unyly at no cost.

Does Safetrade need an API key?

No, Safetrade runs without API keys or environment variables.

Is Safetrade hosted or self-hosted?

A hosted option is available: Unyly runs the server in the cloud, no local setup required.

How do I install Safetrade in Claude Desktop, Claude Code or Cursor?

Open Safetrade on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.

Related MCPs

Compare Safetrade with

Not sure what to pick?

Find your stack in 60 seconds

Author?

Embed badge for your README

Browse similar

All productivity MCPs