pangolinfo-mcp

Pangolinfo MCP server — 18 Amazon e-commerce & IP data tools for AI assistants via Model Context Protocol.

🔗 Official site: www.pangolinfo.com

Plug your favorite AI client (Claude Code, Cursor, Cline, Windsurf, Codex, Hermes, OpenClaw) into Pangolinfo's Amazon scrape APIs and let the AI run keyword research, listing analysis, review mining, niche discovery, category navigation, AI search lookups, keyword-trend checks, and WIPO trademark clearance — all from natural-language instructions.

⚠️ BREAKING CHANGE in 0.7.0 — pacer_search retired, merged into wipo_search

The standalone pacer_search tool was removed. US patent-litigation (PACER) lookups are now reached by passing enableLitigation=true to wipo_search — it finds the patent and joins the related US litigation cases in a single call. Prompts/scripts pinning pacer_search will get ToolNotFound; switch to wipo_search with enableLitigation.

Earlier breaking change (0.3.0 — tool renames)

Old name (≤ 0.2.x)	New name (0.3.0+)
google_ai_search	ai_search
google_trends	keyword_trends

Tool names changed to remove third-party brand references from the public MCP interface. Tool parameters, return shape, and pricing are unchanged.

---

Install

Recommended: one-line installer (covers 7 AI clients)

The Pangolinfo Installer detects your AI client, writes the right config files, and you're done. Pass --scope=mcp to install only this MCP server (skip the Skills package).

macOS / Linux

curl -fsSL https://pangolinfo.dev/install.sh | sh -s -- \
  --agent=<your-agent> \
  --scope=mcp \
  --api-key=pgl_xxxxxxxxxxxx

Windows (PowerShell)

irm https://pangolinfo.dev/install.ps1 | iex; `
  Install-Pangolinfo -Agent <your-agent> -Scope mcp -ApiKey pgl_xxxxxxxxxxxx

<your-agent> is one of: claude-code, cursor, cline, windsurf, codex, hermes, openclaw.

After the installer finishes, restart your AI client so it picks up the new mcpServers entry.

Manual install (just download one file)

The release artifact is a single self-contained server.mjs (~800 KB) — all dependencies are bundled in. No npm install needed.

# macOS / Linux
mkdir -p ~/.local/lib/pangolinfo-mcp
curl -fsSL https://github.com/pangolinfo/pangolinfo-mcp/releases/latest/download/server.mjs \
  -o ~/.local/lib/pangolinfo-mcp/server.mjs
chmod +x ~/.local/lib/pangolinfo-mcp/server.mjs

# Windows (PowerShell)
$dir = "$env:LOCALAPPDATA\pangolinfo-mcp"
New-Item -ItemType Directory -Force -Path $dir | Out-Null
irm https://github.com/pangolinfo/pangolinfo-mcp/releases/latest/download/server.mjs `
  -OutFile "$dir\server.mjs"

Then wire it into your AI client — see the per-client snippets below. Point args at the file you just downloaded.

Developers: to build from source, git clone this repo and run npm install && npm run build. The produced dist/server.mjs is identical to the release asset.

---

Get an API key

1. Sign up at https://tool.pangolinfo.com/
2. Copy your pgl_xxxxxxxx key from the dashboard
3. Top up credits if needed (each Amazon scrape call costs 0.75 credits; pangolinfo_capabilities is free)

---

Manual configuration (per AI client)

Replace /abs/path/to/pangolinfo-mcp/dist/server.mjs with your real path, and pgl_xxxxxxxx with your key.

Claude Code (~/.claude/settings.json)

{
  "mcpServers": {
    "pangolinfo": {
      "command": "node",
      "args": ["/abs/path/to/pangolinfo-mcp/dist/server.mjs"],
      "env": { "PANGOLINFO_API_KEY": "pgl_xxxxxxxx" }
    }
  }
}

Prefer claude mcp add --scope user pangolinfo node /abs/path/to/dist/server.mjs — it writes the same entry without hand-editing JSON.

Cursor (~/.cursor/mcp.json)

{
  "mcpServers": {
    "pangolinfo": {
      "command": "node",
      "args": ["/abs/path/to/pangolinfo-mcp/dist/server.mjs"],
      "env": { "PANGOLINFO_API_KEY": "pgl_xxxxxxxx" }
    }
  }
}

Cline (VS Code extension)

Open Cline → MCP Servers → Edit settings JSON, then add:

{
  "mcpServers": {
    "pangolinfo": {
      "command": "node",
      "args": ["/abs/path/to/pangolinfo-mcp/dist/server.mjs"],
      "env": { "PANGOLINFO_API_KEY": "pgl_xxxxxxxx" }
    }
  }
}

The settings file lives at <vscode-user>/globalStorage/saoudrizwan.claude-dev/settings/cline_mcp_settings.json. If you're on the standalone Cline CLI, use ~/.cline/data/settings/cline_mcp_settings.json instead.

Windsurf (~/.codeium/windsurf/mcp_config.json)

{
  "mcpServers": {
    "pangolinfo": {
      "command": "node",
      "args": ["/abs/path/to/pangolinfo-mcp/dist/server.mjs"],
      "env": { "PANGOLINFO_API_KEY": "pgl_xxxxxxxx" }
    }
  }
}

Codex (~/.codex/config.toml)

[mcp_servers.pangolinfo]
command = "node"
args = ["/abs/path/to/pangolinfo-mcp/dist/server.mjs"]

[mcp_servers.pangolinfo.env]
PANGOLINFO_API_KEY = "pgl_xxxxxxxx"

Hermes (~/.hermes/config.yaml)

mcp_servers:
  pangolinfo:
    command: node
    args: ["/abs/path/to/pangolinfo-mcp/dist/server.mjs"]
    env:
      PANGOLINFO_API_KEY: pgl_xxxxxxxx

OpenClaw (~/.openclaw/openclaw.json)

{
  "mcpServers": {
    "pangolinfo": {
      "command": "node",
      "args": ["/abs/path/to/pangolinfo-mcp/dist/server.mjs"],
      "env": { "PANGOLINFO_API_KEY": "pgl_xxxxxxxx" }
    }
  }
}

---

Hosted (remote HTTP) — no local install

Don't want to install anything? Point your AI client at the hosted endpoint instead of a local server.mjs. This is the streamable HTTP transport (MCP spec), multi-tenant — you bring your own key on every request.

Passing your API key — two ways

1. Authorization header (recommended)

Authorization: Bearer pgl_xxxxxxxx

This is the preferred method: the key stays out of URLs, logs, and browser history. The Bearer scheme is matched case-insensitively (bearer, BEARER, Bearer all work) and extra whitespace is tolerated.

2. ?api_key= URL query (fallback)

https://mcp.pangolinfo.com/mcp?api_key=pgl_xxxxxxxx

Easiest for clients that only let you paste a URL. If your key contains URL-special characters, URL-encode it. The header (method 1) takes precedence if both are supplied.

Client config example (Claude Code / Cursor — "url"-style remote MCP)

{
  "mcpServers": {
    "pangolinfo": {
      "url": "https://mcp.pangolinfo.com/mcp",
      "headers": { "Authorization": "Bearer pgl_xxxxxxxx" }
    }
  }
}

If your client can't set headers, fall back to the URL form: "url": "https://mcp.pangolinfo.com/mcp?api_key=pgl_xxxxxxxx".

Notes for custom / raw HTTP integrations

If you're calling the endpoint directly (not through a standard MCP client):

• POST your JSON-RPC body to /mcp.
• The MCP streamable transport normally requires the request to advertise both application/json and text/event-stream in its Accept header. This server backfills the missing media type for you, so a plain Accept: application/json, Accept: */*, or even a missing Accept header all work — you don't need to hand-craft it.
• A 401 means the key was not found in either the header or the query string — check that your client actually sent it (some libraries drop the Authorization header on cross-origin redirects).

---

Tools (18)

See MCP-TOOLS-MAP.md for the full coordination graph (which tools chain into which).

Plus a free local call: pangolinfo_capabilities returns the full tool catalog, canonical workflows, and usage tips with no backend round-trip (0 credits). It is a self-introspection helper, not one of the 18 data tools.

Default marketplace is Amazon US (marketplaceId=ATVPDKIKX0DER, zip=90001). Override per call via tool arguments.

---

Auth resolution order

The server resolves the API key with this priority:

1. CLI args: --api-key=pgl_xxx --api-base=... --scrape-base=...
2. Env vars: PANGOLINFO_API_KEY, PANGOLINFO_API_BASE, PANGOLINFO_SCRAPE_BASE
3. Config file at ~/.pangolinfo/config.json:

   {
     "api_key": "pgl_xxxxxxxxxxxx",
     "api_base": "https://extapi.pangolinfo.com",
     "scrape_base": "https://scrapeapi.pangolinfo.com"
   }
   

4. Missing key → startup failure with an actionable error.

CLI args win over env vars — convenient when you want per-server keys without polluting the global environment.

---

Internationalization

Tool descriptions and error hints are available in English and Chinese. The language is resolved in this order: --lang=zh|en → PANGOLINFO_LANG=zh|en → OS locale ($LANG starting with zh* → Chinese, otherwise English) → English when there is no locale signal at all. So a Chinese-locale machine gets Chinese automatically; everyone else gets English. Force a language explicitly:

"env": {
  "PANGOLINFO_API_KEY": "pgl_xxxxxxxx",
  "PANGOLINFO_LANG": "zh"
}

Startup logs are always English (operator-facing); tool descriptions and error hint fields follow the resolved locale.

---

Verify your install

After restarting your AI client, ask it:

List all available pangolinfo MCP tools.

You should see 18 tools. Then try:

Use pangolinfo_capabilities with mode "summary".

This is a free local call — if it returns the tool catalog, your install is wired correctly. Next, run something paid like:

Search Amazon for "wireless mouse" and return the top 5 results.

Expected: ~0.75 credits deducted, ~300 KB of structured product data returned.

---

Development

npm install
npm run dev        # tsx src/server.ts — hot-reload
npm run build      # esbuild → dist/server.mjs
npm run typecheck  # tsc --noEmit
npm start          # node dist/server.mjs

Project layout

src/
├── server.ts           MCP stdio entry + tool registration
├── auth.ts             API key resolution (CLI > env > config file)
├── client.ts           HTTP client (Authorization, User-Agent)
├── errors.ts           PangolinfoError + status-code mapping
├── config.ts           Default endpoints / constants
├── i18n.ts             zh/en translation lookup
└── tools/
    ├── _types.ts             Tool / ToolContext type definitions
    ├── index.ts              Tool registry (18 tools + capabilities)
    └── <verb_noun>.ts        One file per tool

Adding a new tool

1. Create src/tools/<verb_noun>.ts exporting a Tool object — mirror search_amazon.ts.
2. Import it in src/tools/index.ts and append to the tools array.
3. Schema is zod; .describe() every field — the AI reads those.
4. Never call fetch directly — use ctx.client.post(...). Auth is already injected.
5. Throw PangolinfoError on failure; the HTTP client already throws this for non-2xx responses.

---

Security & Data Handling

We take operator and user safety seriously. By design, this MCP server:

• Brings your own key. Authentication is via your personal PANGOLINFO_API_KEY (issued at https://tool.pangolinfo.com/). The key is read locally from your AI client's config or environment — it is never transmitted anywhere except to https://scrapeapi.pangolinfo.com (or https://mcp.pangolinfo.com for the hosted variant) over TLS 1.2+.
• No telemetry. This server does not phone home, does not collect usage analytics, and does not log your prompts. The only outbound traffic is the actual Amazon / Google / WIPO scrape API calls you explicitly invoke through tools.
• No PII collection. No user account info, no email, no IP geolocation, and no prompt content is persisted by this server. Tool calls forward only the parameters you (or the AI agent) supplied.
• Read-only. Every tool is a strictly read-only data lookup. None of them can write to Amazon, place orders, post reviews, modify listings, or take any side-effecting action on third-party platforms.
• HTTPS-only transport. Both the stdio variant (local) and the hosted variant (https://mcp.pangolinfo.com/mcp) require HTTPS; HTTP requests are refused.
• Open source. The full source is in this repository under MIT license — anyone can audit what the server sends and where.
• Responsible use. Pangolinfo APIs aggregate public e-commerce data. You are responsible for using the returned data in compliance with the terms of service of the underlying platforms (Amazon, Google, etc.) and with applicable laws in your jurisdiction.

Report security issues privately to security@pangolinfo.com — please do not file public GitHub issues for vulnerabilities.

---

Support

• API docs: https://docs.pangolinfo.com
• Issues: https://github.com/pangolinfo/pangolinfo-mcp/issues
• Email: support@pangolinfo.com

---

License

MIT © Pangolinfo