Sherpa MCP Server

Remote MCP server acting as a personal assistant with secure OAuth authentication, integrating Google Calendar, TickTick tasks, meal logging, workout tracking, and water intake logging.

→ rajshah11/sherpa-mcp-server · listed on glama

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

✅

No credential exfiltration, no sensitive file access, no obfuscation

Static analysis found nothing flowing your secrets to unexpected places.

🔐

You'll be asked for 3 credentials: TICKTICK_CLIENT_SECRET, AUTH0_CLIENT_SECRET, TICKTICK_ACCESS_TOKEN

These are read from process.env at runtime. Make sure you trust where they’ll be sent.

// required environment variables

This server reads these from process.env. You'll be asked to provide them before it can run.

configTIMEZONE

configGOOGLE_CALENDAR_TOKEN_JSON

configGOOGLE_CALENDAR_CREDENTIALS_JSON

configTICKTICK_CLIENT_ID

🔐 secretTICKTICK_CLIENT_SECRET

configALLOWED_CLIENT_REDIRECT_URIS— 4. Restrict appropriately

configAUTH0_CONFIG_URL— e ="https://YOUR_DOMAIN.auth0.com/.well-known/openid-configuration" \

configAUTH0_CLIENT_ID— your-client-id

🔐 secretAUTH0_CLIENT_SECRET— your-client-secret

configAUTH0_AUDIENCE— e ="https://api.sherpa-mcp.com" \

configSERVER_BASE_URL— 1. Always use HTTPS in production (set to https://)

configREQUIRE_CONSENT— 2. Keep =true in production

configPORT— Assigned port (server.py handles this)

configSERVER_PORT

configSERVER_HOST

🔐 secretTICKTICK_ACCESS_TOKEN

configWATER_DAILY_GOAL_ML— Configurable daily goal via env var (default: 1920ml)

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 6 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/rajshah11-sherpa-mcp-server-1uie26)](https://m8ven.ai/mcp/rajshah11-sherpa-mcp-server-1uie26)

commit: fa466589568ee50341de45ac828e9d9466d99a4c

code hash: 85f7c238036fd75767325cdc0eca8753747fa9a5e990fd3c5880289ee47663bf

verified: 6/22/2026, 1:08:35 PM

view raw JSON →