Skip to main content
hc
Submit
mcpSource-backedReview first Safety Privacy

HAPI MCP Server

HAPI MCP exposes OpenAPI specifications as MCP tools dynamically using the la-rebelion hapimcp project and MCP Registry package ai.com.mcp/hapi-mcp.

by HAPI MCP·added 2026-06-17·
Claude CodeCursorClaude Desktop
HarnessClaude CodeCursorClaude Desktop
Review first review before installing

Open the source and read safety notes before installing.

Safety notes

  • HAPI exposes live API operations as MCP tools—inherited auth, rate limits, and write scope apply.
  • Mount only trusted OpenAPI specs; malicious operations become callable tools.
  • Protect Authorization headers; registry metadata marks them as secrets.

Privacy notes

  • Tool calls may send API payloads, account metadata, and response bodies to the MCP client.
  • Self-hosted Docker deployments keep traffic on your infrastructure; review OpenAPI response schemas for PII.

Prerequisites

  • OpenAPI specification file or project configured for HAPI CLI serve mode.
  • Docker available for the OCI package docker.io/hapimcp/hapi-cli.
  • Review of which API operations become MCP tools before enabling write methods.

Schema details

Install type
cli
Troubleshooting
No
Source repository stats
Scope
Source repo
Collection metadata
Estimated setup
20 minutes
Difficulty
intermediate
Full copyable content
{
  "mcpServers": {
    "hapi": {
      "url": "https://YOUR_HAPI_HOST:3030/mcp",
      "type": "http"
    }
  }
}

About this resource

Overview

HAPI MCP converts OpenAPI catalogs into MCP tools without rewriting backend services. The project README and MCP Registry entry ai.com.mcp/hapi-mcp document Docker-based hapi-cli serve workflows and streamable HTTP transport.

Installation

Docker (registry package)

docker run -p 3030:3030 -v ~/.hapi:/app/.hapi docker.io/hapimcp/hapi-cli:0.6.0 serve YOUR_PROJECT

Point MCP clients at the documented /mcp HTTP endpoint with required Authorization headers.

Source Verification Notes

Verified on 2026-06-17:

  • GitHub repository la-rebelion/hapimcp README describes OpenAPI-in, MCP-tools-out workflow.
  • MCP Registry lists ai.com.mcp/hapi-mcp with OCI package docker.io/hapimcp/hapi-cli:0.6.0.
  • Registry transport type is streamable-http with secret Authorization header guidance.

Duplicate Check

No existing content/mcp/ entry documents HAPI OpenAPI-to-MCP tooling.

Editorial Disclosure

Community MCP listing by kiannidev from public README and MCP Registry metadata. No affiliate links.

#openapi#hapi#mcp#api-first

Source citations

Add this badge to your README

Show that HAPI MCP Server is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/mcp/hapi-mcp-server.svg)](https://heyclau.de/entry/mcp/hapi-mcp-server)

How it compares

HAPI MCP Server side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

FieldHAPI MCP Server

HAPI MCP exposes OpenAPI specifications as MCP tools dynamically using the la-rebelion hapimcp project and MCP Registry package ai.com.mcp/hapi-mcp.

Open dossier 		After Effects MCP Server

MCP server for controlling Adobe After Effects through a local Node bridge and ScriptUI panel for compositions, layers, keyframes, expressions, masks, and effects.

Open dossier 		AI Game Developer Unity MCP Server

Unity MCP server, plugin, CLI, and skill generator for controlling Unity Editor and runtime projects from MCP clients through built-in game-dev tools.

Open dossier 		Alpaca MCP Server

Official Alpaca MCP server for Trading API workflows, including account and portfolio data, orders, positions, watchlists, assets, stocks, crypto, options, news, corporate actions, and market data.

Open dossier
Trust
Install riskReview firstReview firstReview firstReview first
Notes Safety Privacy Safety Privacy Safety Privacy Safety Privacy
Categorymcpmcpmcpmcp
Sourcesource-backedsource-backedsource-backedsource-backed
AuthorHAPI MCPDakkshinIvan MurzakAlpaca
Added2026-06-172026-06-062026-06-062026-06-06
Platforms
Claude CodeCursorClaude Desktop
Claude CodeClaude Desktop
Claude CodeClaude Desktop
Claude CodeClaude Desktop
Source repo
Safety notesHAPI exposes live API operations as MCP tools—inherited auth, rate limits, and write scope apply. Mount only trusted OpenAPI specs; malicious operations become callable tools. Protect Authorization headers; registry metadata marks them as secrets.After Effects MCP queues predefined commands to a local bridge directory and relies on an open After Effects ScriptUI panel to execute them. The bridge can create compositions, text layers, shape layers, solid layers, cameras, null objects, masks, keyframes, expressions, effects, and layer property changes. Layer duplication, layer deletion, expression changes, masks, timing edits, and batch property updates can materially alter an After Effects project. The install script may copy files into Adobe application folders and may require elevated privileges on some systems. Enabling After Effects scripting permissions can let scripts write files and access network resources, so keep the bridge limited to trusted projects. Use only the predefined script list exposed by the MCP server; do not modify it to accept arbitrary scripts unless that risk is understood.AI Game Developer can create, move, copy, modify, and delete Unity assets, scenes, GameObjects, components, scripts, packages, and generated project files. Tools include dynamic C# script execution, C# reflection method lookup and calls, package installation/removal, Unity test execution, editor state changes, play mode control, screenshots, and profiler access. The MCP server supports streamable HTTP and stdio; HTTP deployments should require a bearer token and stay bound to trusted interfaces. Server variables include optional authorization and webhook settings; webhook endpoints can receive tool, prompt, resource, connection, and authorization events. Unity runtime connections can expose compiled game state or in-game behavior to an MCP client, not just editor-only project data. Use source control, backups, tool filtering, and explicit review before allowing destructive tools such as asset deletion, package removal, script execution, or reflection calls.Alpaca MCP Server can expose account balances, buying power, positions, orders, activities, watchlists, assets, market data, news, corporate actions, stocks, crypto, options data, and trading tools to the MCP client. Trading tools can place stock, ETF, crypto, and option orders, cancel orders, close positions, liquidate portfolios, replace orders, and exercise or mark do-not-exercise option contracts. Paper trading is the default documented mode; setting `ALPACA_PAPER_TRADE=false` points trading calls at live Alpaca accounts and can result in real financial losses. Require explicit human approval before any order placement, cancellation, liquidation, option exercise, live-account change, or strategy involving leverage, margin, extended hours, crypto, or options. Use `ALPACA_TOOLSETS` to restrict the server to read-only or data-only toolsets when trading tools are not needed. The upstream order override code warns that read timeouts may happen after an order was sent; users should check open orders before retrying to avoid duplicate trades.
Privacy notesTool calls may send API payloads, account metadata, and response bodies to the MCP client. Self-hosted Docker deployments keep traffic on your infrastructure; review OpenAPI response schemas for PII.Tool calls and results can expose composition names, project structure, layer names, layer properties, timing, expressions, effect names, masks, and local bridge file paths. Project contents may include client work, unreleased media, brand assets, filenames, text layers, and animation details. The command and result files in the local bridge directory can persist recent instructions and After Effects output. MCP client logs and model context may retain prompts, layer names, generated expressions, and project metadata.Tool calls may expose Unity project paths, asset names, scene hierarchy, serialized object data, scripts, logs, screenshots, profiler metrics, test output, package metadata, and runtime state. MCP config files and Unity plugin config can contain server URLs, connection modes, bearer tokens, authorization settings, enabled tool IDs, and cloud or local endpoint details. Optional webhooks can receive tool, prompt, resource, connection, authorization, and token-bearing request data. Screenshots from Game View, Scene View, cameras, or isolated GameObjects may include proprietary artwork, level design, UI, debug overlays, or unreleased game content. Generated skills and AI-client configuration files can reveal available tools, project structure, installed packages, and local workflow assumptions.Alpaca API keys, secret keys, account IDs, balances, buying power, portfolio history, activities, positions, orders, watchlists, option contracts, crypto holdings, and trade history can be exposed to the MCP client. Prompts and responses may include private trading strategy, portfolio allocation, order intent, symbols, quantities, prices, client order IDs, and market data queries. MCP clients, model providers, terminal history, logs, and chat transcripts may retain financial data and trading instructions. Upstream documentation states the server sends an Alpaca MCP user agent string for API calls; review Alpaca privacy and disclosure materials for account data handling.
Prerequisites
  • OpenAPI specification file or project configured for HAPI CLI serve mode.
  • Docker available for the OCI package docker.io/hapimcp/hapi-cli.
  • Review of which API operations become MCP tools before enabling write methods.
  • Adobe After Effects 2022 or newer.
  • Node.js, npm, and a local checkout of the repository.
  • Permission to install the ScriptUI panel into the After Effects ScriptUI Panels folder.
  • After Effects scripting preferences reviewed, including whether scripts may write files and access the network.
  • Unity project using Unity 2022.3 or newer for the current package metadata.
  • Unity Hub or a local Unity Editor installation.
  • Node.js 20.19 or newer, or Node.js 22.12 or newer, for `unity-mcp-cli`.
  • An MCP client such as Claude Code, Claude Desktop, Codex, Cursor, Gemini CLI, GitHub Copilot, Cline, or another supported client.
  • Python 3.10 or newer and uv or uvx available.
  • Alpaca API key and secret key for a paper trading account or an explicitly approved live account.
  • Review of Alpaca account permissions, paper versus live mode, options approval, crypto availability, and market data subscription limits.
  • A narrow `ALPACA_TOOLSETS` allowlist for the workflow whenever full trading access is not required.
Install
docker run -p 3030:3030 -v ~/.hapi:/app/.hapi docker.io/hapimcp/hapi-cli:0.6.0 serve
git clone https://github.com/Dakkshin/after-effects-mcp.git && cd after-effects-mcp && npm install && npm run build
npm install -g unity-mcp-cli && unity-mcp-cli install-plugin ./MyUnityProject
uvx alpaca-mcp-server
Config
{
  "mcpServers": {
    "hapi": {
      "url": "https://YOUR_HAPI_HOST:3030/mcp",
      "type": "http",
      "headers": {
        "Authorization": "Bearer YOUR_TOKEN"
      }
    }
  }
}
Manual-only setup:
npm run build && npm run install-bridge
Manual-only setup:
npm install -g unity-mcp-cli
unity-mcp-cli install-plugin ./MyUnityProject
unity-mcp-cli open ./MyUnityProject
Manual-only setup:
claude mcp add alpaca --scope user --transport stdio uvx alpaca-mcp-server --env ALPACA_API_KEY=YOUR_ALPACA_API_KEY --env ALPACA_SECRET_KEY=YOUR_ALPACA_SECRET_KEY
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimed

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.