whoop-mcp
Verified Safeby lornest
Overview
Provides conversational access to WHOOP fitness and recovery data through an MCP client like Claude.
Installation
uv --directory /absolute/path/to/whoop-mcp run main.pyEnvironment Variables
- WHOOP_CLIENT_ID
- WHOOP_CLIENT_SECRET
Security Notes
The server employs robust security practices. OAuth 2.0/2.1 compliance is handled by the well-tested `authlib` library. Tokens are stored securely using OS-native keychain (macOS Keychain, Windows Credential Locker, GNOME Keyring/KWallet) or fall back to an encrypted file with strong symmetric encryption (`cryptography.fernet`) and strict file permissions. CSRF protection is implemented in the OAuth bootstrap flow. Client secrets are stored securely and never exposed in runtime environment variables. API requests are centrally handled with comprehensive error handling for authentication, rate limits, and network issues. No 'eval' or other obviously dangerous patterns were found.
Similar Servers
garmin_mcp
Exposes Garmin Connect fitness and health data to Claude and other MCP-compatible clients.
intervals-mcp-server
Connects AI models (Claude, ChatGPT) with the Intervals.icu API to retrieve and manage athlete fitness data, including activities, events, and wellness metrics.
hevy-mcp
This server acts as a Model Context Protocol (MCP) interface, enabling AI assistants to interact with the Hevy fitness tracking app's API to manage workout data, routines, exercise templates, folders, and webhook subscriptions.
pierre_mcp_server
Conversational AI fitness coaching and data analysis platform with provider integrations and user management.