Gainium

Read and manage Gainium DCA/Combo/Grid bots, deals, balances, backtests, the crypto screener, and curated strategy presets via MCP.

→ Gainium/gainium-mcp · listed on glama

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

🚨

Known vulnerabilities in dependencies: 1 critical, 3 high

Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.

🔐

You'll be asked for 4 credentials: GAINIUM_API_KEY, GAINIUM_API_SECRET, MCP_INTROSPECTION_SECRET, OPENAI_APPS_CHALLENGE_TOKEN

These are read from process.env at runtime. Make sure you trust where they’ll be sent.

// required environment variables

This server reads these from process.env. You'll be asked to provide them before it can run.

configGAINIUM_ALLOWED_BOT_ID

configGAINIUM_API_BASE_URL— No https://api.gainium.io API base URL

🔐 secretGAINIUM_API_KEY— "": "<your-api-key>",

🔐 secretGAINIUM_API_SECRET— "": "<your-api-secret>"

configGAINIUM_INTROSPECTION_URL— No <issuer>/oauth/introspect Token introspection endpoint

configGAINIUM_MCP_HOST— No 127.0.0.1 Bind host for HTTP mode

configGAINIUM_MCP_HTTP_PATH— No /mcp Streamable HTTP endpoint path

configGAINIUM_MCP_MESSAGES_PATH— No /messages Deprecated SSE POST endpoint path

configGAINIUM_MCP_PORT— No 3000 Bind port for HTTP mode

configGAINIUM_MCP_PUBLIC_URL— No derived from request Public base URL used in the protected-resource metadata

configGAINIUM_MCP_SSE_PATH— No /sse Deprecated SSE GET endpoint path

configGAINIUM_MCP_TRANSPORT— No stdio Transport mode: stdio, http, streamable-http, sse, or http-sse

configGAINIUM_OAUTH_ISSUER— No — Authorization-server base URL. Setting this (with MCP_INTROSPECTION_SECRET, in HTTP mode) enables OAuth protected-resource mode

configGAINIUM_PAPER_ONLY

configGAINIUM_READONLY— Read-only directory connector (/mcp with =true, served at mcp.gainium.io/read): exposes and allows only the 9 readOnlyHint tools — run_backtest and all write tools are excluded

configMCP_HOST

configMCP_HTTP_PATH

🔐 secretMCP_INTROSPECTION_SECRET— GAINIUM_OAUTH_ISSUER No — Authorization-server base URL. Setting this (with , in HTTP mode) enables OAuth protected-resource mode

configMCP_MESSAGES_PATH

configMCP_PORT

configMCP_SSE_PATH

configMCP_TRANSPORT

🔐 secretOPENAI_APPS_CHALLENGE_TOKEN— No — When set, served as plain text at /.well-known/openai-apps-challenge for OpenAI Apps domain verification

configPORT

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 3 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/gainium-gainium-mcp-1gjmpd)](https://m8ven.ai/mcp/gainium-gainium-mcp-1gjmpd)

commit: bfe64a39f69f88824cdff99d8dfee8e29c7641e9

code hash: dae942190e8042f9e49d375d43518b2b5b4a1a45013713a36aabfe8da2ce41a1

verified: 6/17/2026, 11:26:18 AM

view raw JSON →