Yes, Qorami Sdk is free to use.

How do I install Qorami Sdk?

Qorami Sdk is a local plugin. Install it using npm package: qorami-mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

Is Qorami Sdk safe to use?

Yes. Qorami Sdk passed MCP Marketplace's automated security scan with a score of 10/10 (low risk). Every server on MCP Marketplace is security-scanned before it's listed; see the full security report on this page for the findings and permissions.

What credentials does Qorami Sdk need?

Qorami Sdk requires the following credentials or environment variables: QORAMI_API_KEY. You can find setup instructions on the server detail page.

What AI apps work with Qorami Sdk?

Qorami Sdk uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Qorami Sdk MCP Server

by Loicfontaine Max

Developer ToolsLow Risk10.0MCP RegistryLocal

Free

Server data from the Official MCP Registry

Check an email before an AI agent sends it: send / ask a human / block. Detects prompt injection.

About

Check an email before an AI agent sends it: send / ask a human / block. Detects prompt injection.

Security Report

10.0

Low Risk10.0Low Risk

Valid MCP server (2 strong, 4 medium validity signals). No known CVEs in dependencies. Package registry verified. Imported from the Official MCP Registry.

11 files analyzed · 1 issue found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

HTTP Network Access

Connects to external APIs or services over the internet.

env_vars

Check that this permission is expected for this type of plugin.

What You'll Need

Set these up before or after installing:

Your Qorami workspace API key (get one at https://qorami.fr/dashboard/).Required

Environment variable: QORAMI_API_KEY

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-loicfontaine-max-qorami": {
      "env": {
        "QORAMI_API_KEY": "your-qorami-api-key-here"
      },
      "args": [
        "-y",
        "qorami-mcp"
      ],
      "command": "npx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

Qorami SDK

Official clients, tool schemas and an MCP server for Qorami — a control point between your AI agents and actually sending email. Before each send, the agent asks Qorami, which replies send, request_human_confirmation, or do_not_send.

Get an API key in the dashboard. Full API reference: https://qorami.fr/docs.

Path	What
`js/`	Zero-dependency JavaScript / TypeScript client (`fetch`, Node 18+ or browser).
`python/`	Zero-dependency Python client (stdlib only) + LangChain, CrewAI, LlamaIndex & OpenAI-Agents tools.
`tools/`	Drop-in OpenAI function-calling & Anthropic tool-use schemas for `qorami_check_email`.
`mcp/`	Stdio MCP server (`qorami_health`, `verify_email`, `check_action_status`) for Claude Desktop, Cursor, any MCP client.
`n8n/`	No-code recipe: guard a workflow's email with an HTTP Request node.
`examples/`	Runnable Node & Python quickstarts.

JavaScript / TypeScript

import { QoramiClient } from './js/qorami.mjs'

const qorami = new QoramiClient({ apiKey: process.env.QORAMI_API_KEY })

await qorami.guard(
  { recipient: 'client@example.com', subject: 'Our offer', body, policyProfile: 'sales' },
  {
    send: () => mailer.send(),                            // allowed
    requestHumanConfirmation: (r) => queue(r.action.id), // a human was notified
    doNotSend: (r) => log('blocked', r.decision),        // do not send
  },
)

Or step by step with qorami.verify(...) and, after a review, poll qorami.status(actionId) until nextAction.type === 'send'.

Python

from qorami import QoramiClient
qorami = QoramiClient(api_key=os.environ["QORAMI_API_KEY"])

result = qorami.verify(recipient="client@example.com", subject="Our offer",
                       body=email_body, policy_profile="sales")
if result.next_action_type == "send":
    send_email()
elif result.next_action_type == "request_human_confirmation":
    queue_for_review(result.action_id)   # a human was notified by email
# else: do_not_send

Agent framework tools

pip install qorami[<framework>] ships a drop-in qorami_check_email wrapper — each returns ALLOWED / NEEDS HUMAN APPROVAL / BLOCKED and reuses the client:

Framework	Install	Import
LangChain	`pip install qorami[langchain]`	`from qorami_langchain import build_qorami_tool`
CrewAI	`pip install qorami[crewai]`	`from qorami_crewai import QoramiEmailGuard`
LlamaIndex	`pip install qorami[llamaindex]`	`from qorami_llamaindex import build_qorami_tool`
OpenAI Agents SDK	`pip install qorami[openai-agents]`	`from qorami_openai_agents import qorami_check_email`

from qorami_langchain import build_qorami_tool
tool = build_qorami_tool()        # reads QORAMI_API_KEY

No-code workflows (n8n) use a plain HTTP Request node — see n8n/.

MCP server

Register Qorami as a native tool in Claude Desktop / Cursor / any MCP client — see mcp/. It exposes qorami_health, verify_email and check_action_status over stdio.

The contract

Every client returns the same decision the agent must obey via nextAction.type: send, request_human_confirmation (a human approves first — poll the action), or do_not_send. See https://qorami.fr/docs.

Cleaned version (auto-remediation)

When an email is risky only because of mechanically-removable content (a leaked secret, a suspicious link, an IBAN/card/SSN), the verify result carries a cleaned, sendable copy — send remediation.safeBody instead of blocking outright:

const r = await qorami.verify({ recipient, subject, body, policyProfile: 'general' })
if (r.nextAction.type === 'do_not_send' && r.remediation?.safeToSend) {
  mailer.send({ ...email, body: r.remediation.safeBody })   // safe, redacted copy
}

r = qorami.verify(recipient=..., subject=..., body=email_body)
if r.next_action_type == "do_not_send" and (r.remediation or {}).get("safeToSend"):
    send_email(body=r.remediation["safeBody"])   # safe, redacted copy

remediation.removed lists what was stripped (e.g. ["secret", "link"]). The MCP server surfaces the same field.

License

MIT — see LICENSE.

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

Qorami Sdk MCP Server

About

Security Report

Findings (1)

Permissions Required

What You'll Need

How to Install

Documentation

Qorami SDK

JavaScript / TypeScript

Python

Agent framework tools

MCP server

The contract

Cleaned version (auto-remediation)

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Fetch

Toleno

mcp-creator-python

MarkItDown

FinAgent

mcp-creator-typescript