Is Giftcardshop free?

Yes, Giftcardshop is free to use.

How do I install Giftcardshop?

Giftcardshop is a local plugin. Install it using npm package: @giftcardshop/mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What credentials does Giftcardshop need?

Giftcardshop requires the following credentials or environment variables: GCS_INTERNAL_SECRET, GCS_API_BASE. You can find setup instructions on the server detail page.

What AI apps work with Giftcardshop?

Giftcardshop uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Giftcardshop MCP Server

by I2dor

Developer ToolsModerate5.2MCP RegistryLocal

Free

Server data from the Official MCP Registry

Browse the giftcardshop catalog and buy gift cards with Lightning over MCP. No account, no signup.

About

Browse the giftcardshop catalog and buy gift cards with Lightning over MCP. No account, no signup.

Security Report

5.2

Moderate5.2Moderate Risk

Well-structured MCP server with proper authentication scoping and clean code quality. The read tools require no authentication and call a public API, while the sensitive create_order operation is properly gated behind a shared HMAC secret (GCS_INTERNAL_SECRET). Input validation via Zod is present, error handling is appropriate, and there are no malicious patterns or dangerous operations detected. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue.

7 files analyzed · 7 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

HTTP Network Access

Connects to external APIs or services over the internet.

env_vars

Check that this permission is expected for this type of plugin.

What You'll Need

Set these up before or after installing:

64-hex HMAC secret that enables create_order (Lightning checkout). Browsing tools work without it. Requested at https://giftcardshop.org/contact.Required

Environment variable: GCS_INTERNAL_SECRET

Override the public API base. Defaults to https://api.giftcardshop.org.Optional

Environment variable: GCS_API_BASE

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "org-giftcardshop-mcp": {
      "env": {
        "GCS_API_BASE": "your-gcs-api-base-here",
        "GCS_INTERNAL_SECRET": "your-gcs-internal-secret-here"
      },
      "args": [
        "-y",
        "@giftcardshop/mcp"
      ],
      "command": "npx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

@giftcardshop/mcp

MCP server that lets AI agents browse the giftcardshop catalog and buy gift cards with Lightning - no account, no signup. The agent pays a Lightning invoice and receives a single-view reveal link with the code.

Read tools work against the live public API with no key. create_order is early access: it needs the shared GCS_INTERNAL_SECRET (request one at https://giftcardshop.org/contact); without it the read tools still work and create_order reports that it is not configured.

Tools

Tool	Kind	Backed by
`list_brands`	read	`GET /v1/brands`
`search_products`	read	`GET /v1/products`
`get_product`	read	`GET /v1/products/:id` (variants + denominations)
`get_order_status`	read	`GET /v1/orders/:id` (payment state + reveal availability)
`create_order`	write	`POST /internal/agent-orders` (HMAC) -> Lightning invoice

Read tools pass the API JSON through verbatim. create_order returns { orderId, invoiceId, invoiceUrl, bolt11?, sats?, total, currency, expiresAt }.

Run

# read-only (browsing works, create_order reports "not configured")
npx @giftcardshop/mcp

# with checkout enabled
GCS_INTERNAL_SECRET=<64-hex> npx @giftcardshop/mcp

Claude Desktop / any MCP client (stdio):

{
  "mcpServers": {
    "giftcardshop": {
      "command": "npx",
      "args": ["-y", "@giftcardshop/mcp"],
      "env": { "GCS_INTERNAL_SECRET": "<64-hex>" }
    }
  }
}

Config

Env	Default	Purpose
`GCS_API_BASE`	`https://api.giftcardshop.org`	public API base
`GCS_INTERNAL_SECRET`	(unset)	64-hex HMAC secret; enables `create_order`. Unset = read-only.

Checkout (create_order)

create_order POSTs to POST /internal/agent-orders, HMAC-signed with GCS_INTERNAL_SECRET (header x-internal-sig), and returns a Lightning invoice. Pay it, then poll get_order_status for the single-view reveal link. No Nostr identity and no partner account required.

Roadmap

L402 (Lightning HTTP 402) so an agent pays per-call without a human step.
A hosted remote MCP over HTTP, so there is nothing to install.
A btcrecharge MCP for mobile top-ups (same shape).

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

Giftcardshop MCP Server

About

Security Report

Findings (7)Action required

Permissions Required

What You'll Need

How to Install

Documentation

@giftcardshop/mcp

Tools

Run

Config

Checkout (create_order)

Roadmap

Reviews

No reviews yet

More Developer Tools MCP Servers

Fetch

Toleno

mcp-creator-python

MarkItDown

FinAgent

mcp-creator-typescript