Delv
CommunityActive· 18d4.3by Klavis AI

Klavis

Open-source MCP integration platform with 100+ prebuilt OAuth-backed connectors, intelligent routing, and sandboxes.

View repo Homepage
C
Safety & Trust

Delv Safety Grade: C

Score 58/100 · assessed 2026-04-18

Maintainer45
Permissions40
Supply chain35
Transparency75
Incidents100

Klavis is a community-built MCP integration platform claiming 100+ OAuth connectors and sandboxing capabilities. The project appears relatively new with limited maintainer track record - Klavis AI is not an established vendor. Docker-only distribution with no package manager support raises supply chain concerns, as users must build and run containers from source without version pinning or signed releases. The platform's scope is exceptionally broad, acting as a meta-layer that routes to numerous external services, which multiplies attack surface. While the open-source nature and documentation provide some transparency, the combination of wide permissions (OAuth to 100+ services, network access, potential filesystem access via Docker), unproven maintainer, and non-standard distribution creates meaningful risk. No known incidents, but the architecture inherently requires trusting both Klavis code and all connected services.

Green flags

  • Open source on GitHub with visible code
  • Sandboxing mentioned in description suggests security awareness
  • OAuth-backed connectors better than API key sprawl
  • No known security incidents to date

Red flags

  • Docker-only install with no package manager or signed releases
  • Claims 100+ OAuth connectors - extremely broad attack surface
  • New/unproven maintainer with limited track record
  • Meta-platform architecture multiplies trust requirements
  • No versioned releases or dependency pinning visible

Permissions requested

Outbound networkPrivate networkAccess secretsRead filesWrite filesIdentity readIdentity write
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

Install

Self-hosted via Docker

Review

Klavis is a self-hosted MCP gateway that bundles over 100 OAuth-backed connectors into a single server. Instead of installing separate MCP servers for Slack, GitHub, Notion, and a dozen other services, you run one Docker container and route tool calls through it. The pitch is simple: one config block in your Claude Desktop setup, one authentication flow per service, and your agent gets access to everything. I'd reach for this if I'm building agents that need to touch multiple SaaS APIs. The OAuth handling alone saves hours of token wrangling. You authenticate once per service through a local web UI, and Klavis stores credentials in a sandboxed environment. It also does intelligent routing, so if your agent asks to 'create a GitHub issue', Klavis knows which connector to invoke without you hardcoding tool names. The sandboxing is worth calling out. Each connector runs in isolation, so a misbehaving integration won't crash the whole gateway. This matters more in production than in local dev, but it's a thoughtful design choice. Quirks: it's Docker-only, so if you're allergic to containers, this isn't for you. The repo is young, so expect some connectors to be better documented than others. I found the GitHub and Slack integrations solid, but a few niche connectors had sparse examples. The routing logic is clever but opaque until you read the docs twice. Who shouldn't bother: if you only need one or two integrations, installing individual MCP servers is simpler. Klavis makes sense when you're juggling five or more services and want a single point of configuration. It's also overkill for casual tinkering unless you enjoy infrastructure. One specific workflow: I used it to build an agent that triages support tickets. It reads from a Slack channel, checks if there's a matching GitHub issue, and if not, creates one with context from Notion docs. Without Klavis, that's three separate MCP servers and three auth flows. With it, I configured once and the agent just worked.
Verdict

Install Klavis if you're connecting agents to multiple SaaS APIs and want OAuth handled properly. Skip it if you only need one or two integrations, or if Docker feels like too much overhead for your use case. It's a serious tool for serious multi-integration work.

Good at

  • Bundles 100+ connectors into one MCP server, so you configure once instead of managing dozens of separate servers.
  • OAuth flows are handled through a local web UI, no manual token copying or environment variable juggling.
  • Intelligent routing means your agent can ask for actions in plain language without you hardcoding tool names.
  • Sandboxed connectors isolate failures, so one broken integration doesn't take down the whole gateway.
  • Self-hosted, so your API tokens stay on your infrastructure instead of passing through a third-party service.

Watch out

  • Docker-only deployment adds overhead if you're not already running containers locally.
  • Documentation for niche connectors is patchy; you'll need to read source code for some integrations.
  • The routing logic is powerful but not immediately obvious, expect a learning curve before it clicks.
  • Young project, so expect rough edges and occasional breaking changes as it matures.
  • Overkill for simple use cases; if you only need one or two integrations, individual MCP servers are faster to set up.

Use cases

  • multi-integration hub
  • OAuth connector bundling
  • agent tool routing
  • enterprise MCP gateway

Getting started

1. Clone the repo and run `docker-compose up` to start the Klavis gateway locally. It'll expose a web UI on localhost:3000. 2. Open the UI, authenticate each service you want to use (GitHub, Slack, etc.) via OAuth. Klavis stores tokens securely. 3. Add Klavis to your Claude Desktop config as a single MCP server entry, pointing to the Docker container's endpoint. 4. Test by asking Claude to perform an action that requires one of your connected services, like 'list my GitHub repos'. 5. Watch out for connector-specific quirks: some services require extra scopes or have rate limits that aren't surfaced in the UI until you hit them.

Works with

Claude DesktopClaude CodeCursor

Similar MCPs