Is Account Pool free?

Yes, Account Pool is free to use.

How do I install Account Pool?

Account Pool is a local plugin. Install it using npm package: account-pool-mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

Is Account Pool safe to use?

Account Pool scored 5.2/10 (moderate risk) in MCP Marketplace's automated security scan. It has 5 high or critical findings to review. It's listed, but review the security report on this page before installing.

What credentials does Account Pool need?

Account Pool requires the following credentials or environment variables: APM_ACCOUNTS_FILE, APM_DB_PATH, APM_DEFAULT_TTL_SECONDS, APM_LEASE_WAIT_MS. You can find setup instructions on the server detail page.

What AI apps work with Account Pool?

Account Pool uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Account Pool MCP Server

by Ankitsxchdeva

Developer ToolsModerate5.2MCP RegistryLocal

Free

Server data from the Official MCP Registry

Exclusive, crash-safe leases on a pool of test accounts for parallel agent QA runs.

About

Exclusive, crash-safe leases on a pool of test accounts for parallel agent QA runs.

Security Report

5.2

Moderate5.2Moderate Risk

This is a well-designed MCP server with strong security practices. The codebase demonstrates proper authentication through lease tokens, careful credential handling with env-var indirection and redaction, and excellent concurrency safety using SQLite transactions. Credentials are never logged, and the server properly separates concerns (pool logic, database, configuration). Minor code quality observations exist but do not materially impact security. Supply chain analysis found 5 known vulnerabilities in dependencies (2 critical, 3 high severity). Package verification found 1 issue.

7 files analyzed · 10 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

File System Read

Reads files on your machine. Normal for tools that analyze or process local data.

File System Write

Writes or modifies files on your machine. Check that this is expected for the tool.

env_vars

Check that this permission is expected for this type of plugin.

database

Check that this permission is expected for this type of plugin.

What You'll Need

Set these up before or after installing:

Path to the JSON file defining pools + accounts to load on startup.Optional

Environment variable: APM_ACCOUNTS_FILE

Path to the SQLite file. Every session that should coordinate must point at the SAME path.Optional

Environment variable: APM_DB_PATH

How long a lease lasts before it is reclaimable if a session crashes without releasing.Optional

Environment variable: APM_DEFAULT_TTL_SECONDS

0 = fail fast when the pool is empty; >0 = wait this many ms for an account to free up.Optional

Environment variable: APM_LEASE_WAIT_MS

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-ankitsxchdeva-account-pool-mcp": {
      "env": {
        "APM_DB_PATH": "your-apm-db-path-here",
        "APM_ACCOUNTS_FILE": "your-apm-accounts-file-here",
        "APM_LEASE_WAIT_MS": "your-apm-lease-wait-ms-here",
        "APM_DEFAULT_TTL_SECONDS": "your-apm-default-ttl-seconds-here"
      },
      "args": [
        "-y",
        "account-pool-mcp"
      ],
      "command": "npx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

account-pool-mcp

An MCP server that hands out test accounts to agent sessions one at a time, so two sessions never end up logged into the same account.

account-pool-mcp demo: two sessions lease different accounts, a third is refused, the pool recovers on release

The problem

When you run several agent sessions at once — say a few Claude sessions each driving their own Playwright browser — they all need to log in, and left alone they'll grab the same test account and step on each other. Two sessions on one account corrupt each other's state and your test results become meaningless. Picking a random account doesn't really help either: with 10 accounts and 5 sessions, a collision is already more likely than not.

The fix is to lease accounts. A session checks one out, uses it, and returns it. While it's checked out, no one else can be handed it.

How it works

The server keeps a pool of accounts in a small SQLite database and gives them out one at a time. Allocation happens inside a BEGIN IMMEDIATE transaction, so even if several sessions ask at the exact same moment, they can't be handed the same account. Each lease has a TTL, so if a session crashes without returning its account, it gets reclaimed automatically — there's nothing to clean up.

All of this happens in the background. The agent just asks for an account when it needs one; the broker decides which one it gets and guarantees no one else has it. There's no shared parent process — unrelated sessions coordinate purely through the database file.

Tools

lease_account(pool, holder?) — check out an account. Returns the account, its credentials, and a lease_token. Hold it until you're done.
release_account(lease_token) — give it back. Idempotent.
renew_lease(lease_token) — extend the lease if your work runs long (a heartbeat).
pool_status(pool?) — what's leased vs. free. Never returns credential values.

There's also a small account-pool CLI (lease / release / renew / status) over the same database, for scripts and humans.

Setup

Want to see it first? bash examples/demo.sh runs a 60-second, no-install walkthrough — two sessions lease different accounts, a third is correctly refused, and the pool recovers on release.

It's on npm, so there's nothing to clone or build. Register it with your MCP client (e.g. .mcp.json) — npx fetches and caches it on first launch:

{
  "mcpServers": {
    "account-pool": {
      "command": "npx",
      "args": ["-y", "account-pool-mcp"],
      "env": {
        "APM_ACCOUNTS_FILE": "./accounts.json",
        "APM_DB_PATH": "./account-pool.db"
      }
    }
  }
}

Then define your pools in accounts.json (an id and a credentials blob per account):

{ "pools": { "realtor": [
  { "id": "realtor_01", "credentials": { "username": "qa01@example.com", "password": { "env": "REALTOR_01_PW" } } }
] } }

Want the CLI too? Run it ad-hoc with npx account-pool status, or install it on your PATH:

npm install -g account-pool-mcp     # adds `account-pool` (CLI) and `account-pool-mcp` (server)

Point every session's APM_DB_PATH at the same file — that shared file is how they coordinate.

Env var	Default	What it does
`APM_ACCOUNTS_FILE`	`./accounts.json`	Pools + accounts to load on startup.
`APM_DB_PATH`	`./account-pool.db`	The SQLite file. Same path for every session.
`APM_DEFAULT_TTL_SECONDS`	`1800`	How long a lease lasts before it's reclaimable.
`APM_LEASE_WAIT_MS`	`0`	`0` = fail fast when the pool is empty; `>0` = wait this long for one to free up.

A credential value can be { "env": "VAR_NAME" } instead of a literal, so real secrets stay in the environment and out of the accounts file.

Making your agent reach for it automatically

The server ships agent instructions in the MCP handshake — clients like Claude Code, Cursor, and Windsurf inject them into context, so the agent knows to call lease_account before logging in without being told each time. The tool descriptions reinforce it (lease is exclusive; you must release).

For the most reliable pickup, also add a line to your project's own rules file (CLAUDE.md, .cursor/rules/, .windsurfrules) so the agent's instructions and the server's instructions agree:

## Test accounts
This repo has account-pool-mcp configured. Before logging into any test account in a QA or
Playwright run, call `lease_account` to check one out, and `release_account` when done.
Never hard-code, guess, or reuse an account — one account per session at a time.

Security

These are test accounts, not a secrets vault. Credential values are never logged or returned by pool_status — a redacting logger masks them, and all logs go to stderr so they can't corrupt the MCP stream. Keep accounts.json and *.db out of git (only the .example files are committed). The stdio server trusts whoever runs it locally, so don't point it at production credentials.

Limitations

Single host for now: coordination is through one SQLite file, so all sessions have to share a filesystem. The storage layer is isolated behind one module, so a Postgres or Redis backend could swap in later for multi-host coordination without changing the tools.

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

Account Pool MCP Server

About

Security Report

Findings (10)Action required

Permissions Required

What You'll Need

How to Install

Documentation

account-pool-mcp

The problem

How it works

Tools

Setup

Making your agent reach for it automatically

Security

Limitations

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Fetch

Toleno

mcp-creator-python

MarkItDown

FinAgent