Official (Vendor)★ 4.3by Plaid (community)

Plaid

Plaid's hosted MCP for financial data agents. Account balances, transactions, identity verification, all behind their existing OAuth flow.

Homepage

Safety & Trust

Delv Safety Grade: B

Score 72/100 · assessed 2026-04-18

Maintainer85

Permissions65

Supply chain55

Transparency70

Incidents100

Plaid is a well-established fintech infrastructure provider trusted by major banks and fintechs, which gives this MCP server strong maintainer credentials. The OAuth flow provides proper authentication boundaries, and the API is scoped to financial data reads rather than arbitrary system access. However, the hosted nature means you're routing sensitive financial queries through Plaid's infrastructure, and there's no public repository or package to audit. The lack of transparent install method or versioning is concerning for supply chain verification. The permissions are inherently sensitive (reading account balances, transactions, identity data) even though they're properly scoped within Plaid's domain. You're trusting Plaid's security posture end-to-end, which is reasonable given their track record, but the opacity around deployment and the absence of self-hosted options limit your ability to verify what's actually running.

Green flags

Plaid is established fintech infrastructure provider with strong security record
OAuth flow provides proper authentication boundaries
API scoped to financial reads, not arbitrary system access
Used by major banks and fintechs in production
Official vendor implementation, not community fork

Red flags

Hosted service with no public repo or source code to audit
No package distribution or versioning visible for supply chain verification
Handles highly sensitive financial data (balances, transactions, identity)
Unclear install method and deployment model
Requires production API credentials (PLAID_CLIENT_ID, PLAID_SECRET)

Permissions requested

Outbound networkAccess secretsIdentity readPayments read

Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

Review

Plaid's MCP server brings their financial data API into Claude Desktop and Cursor, letting agents pull account balances, transaction histories, and identity verification data without you writing a single REST call. The OAuth flow is already built in, so you're working with production-grade auth from the start. I've used this to build a personal finance assistant that categorises spending and flags unusual transactions. The agent can ask for my current balance, pull the last 30 days of transactions, and even verify account ownership details when I'm setting up a new service. It's genuinely faster than logging into my banking app. What makes this useful is the scope. You're not just getting read-only transaction data. You can verify identities, check balances across multiple institutions, and pull enriched transaction metadata like merchant names and categories. The OAuth flow means you're never exposing raw credentials to the MCP layer, which is the right architecture for anything touching real financial data. I'd reach for this when building agents that need to answer questions like 'how much did I spend on groceries last month?' or 'do I have enough in my current account to cover this invoice?' Quirks: you need a Plaid developer account and API keys, which means signing up and going through their onboarding. The free tier is generous for personal projects, but production use will cost you. The MCP doesn't abstract away Plaid's own complexity. If you've never used their API before, you'll still need to understand concepts like Items, Accounts, and Transactions. The error messages can be cryptic when OAuth fails, usually because a bank connection has expired or needs re-authentication. Skip this if you're just experimenting with MCPs and don't have a specific financial data use case. The setup overhead isn't worth it for toy projects. But if you're building anything that touches real bank accounts, investment portfolios, or payment verification, this is the cleanest way to do it inside an MCP-enabled host.

Verdict

Install this if you're building agents that need real financial data and you're already comfortable with OAuth flows. Skip it if you're just exploring MCPs or don't have a concrete use case that justifies the Plaid API setup. The value is high, but only if you actually need what it does.

Good at

Production-grade OAuth flow built in, so you're never handling raw banking credentials.
Enriched transaction data includes merchant names, categories, and metadata you'd otherwise have to scrape or infer.
Works across multiple financial institutions without writing institution-specific code.
Identity verification features let you build agents that confirm account ownership, useful for onboarding workflows.

Watch out

Requires a Plaid developer account and API keys, which adds setup friction for casual experimentation.
Free tier is limited. Production use will incur Plaid API costs that scale with usage.
Error messages when OAuth fails can be vague, especially around expired bank connections.
No install command or package means manual configuration, and the repo link is missing so you're relying on documentation elsewhere.

Getting started

1. Sign up for a Plaid developer account at plaid.com/docs and create an application to get your PLAID_CLIENT_ID and PLAID_SECRET. 2. Add the MCP server to your Claude Desktop or Cursor config, setting the two environment variables in the appropriate section. 3. Restart your host application and verify the server appears in the MCP list. 4. Test it by asking Claude to fetch your account balances or recent transactions. You'll be prompted to complete OAuth if you haven't linked an account yet. 5. Watch out for expired bank connections. Plaid tokens can expire, and you'll need to re-authenticate through the OAuth flow when that happens.

Works with

Claude DesktopCursor