Operator-narrative review · Updated 2026-05-22

Folk MCP Review (2026): the community-built MCP that fits Folk's solo / agency motion

Folk MCP is the community-built (but official-adjacent) MCP server for Folk CRM, maintained at github.com/NimbleBrainInc/mcp-folk by NimbleBrain. stdio transport, FOLK_API_KEY authentication, narrow surface (contacts, companies, notes, reminders, interaction logging) that matches Folk's tag-and-list-based CRM motion. Structurally different shape from first-party hosted MCPs like Attio's or HubSpot's — and the operator implications matter.

Quick context. We run StackSwap MCP. We're a Folk affiliate; the analysis below is the same one we'd give a friend evaluating Folk MCP against Attio MCP cold.

Want to try Folk?

Folk + community MCP fits solo/agency relationship-led motions in 2026

14-day free trial, fast onboarding (~20 min), folkX Chrome extension for LinkedIn capture, AI Assistants bundled. The MCP works; the structural fit is motion.

Start with Folk →Affiliate link — StackSwap earns a commission if you sign up for Folk. We only partner with tools we'd recommend anyway.

What Folk MCP is — and what it isn't

Folk MCP is a Node-based MCP server that runs locally (stdio transport) and authenticates against Folk's REST API via FOLK_API_KEY. NimbleBrain maintains the repo at github.com/NimbleBrainInc/mcp-folk. It's official-adjacent — Folk's team is aware of and supportive — but it's not first-party in the way Attio MCP (Attio's domain, Attio's OAuth) or HubSpot MCP (HubSpot's domain, HubSpot's OAuth) are first-party.

The structural shape matters for three reasons:

Self-hosted, not hosted. You install Node, run the MCP server locally via npx, manage the FOLK_API_KEY as an env var. Compare to Attio MCP (one-click OAuth, no install) or HubSpot MCP (one-click OAuth, hosted by HubSpot). The setup tax is real but bounded — 5-10 minutes if you're comfortable with JSON config edits.
API-key auth, not OAuth. FOLK_API_KEY is a long-lived secret. Treat it like any API key — env var only, not committed to public repos, dedicated key for AI work scoped to a single user. The scoped-AI-user pattern that applies to every MCP server with a write surface still applies; the difference is the key model vs OAuth flow.
Community iteration cadence. Features land when NimbleBrain ships them, not when Folk's product team prioritizes the integration. For Folk's narrow surface (tag-based contact management) this is mostly fine because the surface doesn't change often; for vendors with rapidly-evolving feature sets, community MCP would be more fragile.

What you can actually do with Folk MCP

Folk's product is a relationship-led tag-and-list CRM for solopreneurs, agencies, and small sales teams under 20 people. The MCP exposes operations that match that motion:

Contact search and read. By tag, list, company, or attribute. Returns contact details + interaction history + linked company.
Contact create / update. New contacts, tag assignments, attribute updates.
Interaction logging. Log meetings, calls, emails as Folk interactions on the relevant contact.
Reminder creation. Set follow-up reminders for contacts or lists.
Note management. Read and write contact notes.

Realistic workflows from this surface: ask Claude to summarize this week's interactions across a specific list ("partnerships outreach"), draft follow-up reminders for contacts you haven't touched in 30+ days, bulk-tag a list of new contacts captured from the folkX Chrome extension, read a contact's full history + notes before a meeting and draft a pre-call brief. The surface is intentionally narrow because Folk's product is narrow — that's a strength for the fast-onboarding solo/agency motion, not a weakness.

Folk MCP vs Attio MCP — the relationship-led head-to-head

Dimension	Folk MCP	Attio MCP
Maintained by	NimbleBrain (community)	Attio (first-party)
Transport	stdio (local Node process)	HTTP (hosted)
Auth	FOLK_API_KEY env var	OAuth only
Setup time	5-10 min (Node + JSON config + key)	~30 sec (one-click OAuth)
Write safety	Client-confirmation only	Reads auto-approve, writes require confirmation
Underlying data model	Tag-and-list-based, contacts-centric	Relational object model, custom records
Fits best when	Solo / agency / under-5-user, fast onboarding wins	Relationship-led with deep object models, custom records

The honest framing: at 1-5 users with fast onboarding as the priority and tag-based workflows fitting the motion, Folk is the right pick — and the MCP is a useful secondary capability even if it's community-built and self-hosted. At 5-20 users with deeper object models, multi-entity deals, and AI-curious operators driving daily orchestration from Claude, Attio's first-party MCP becomes the structural advantage.

The setup gotcha — dedicated FOLK_API_KEY

Standard MCP operator advice with one Folk-specific twist. Don't use your existing Folk API key for AI work — generate a dedicated FOLK_API_KEY scoped to a single user account with limited access, treat it as a secret (env var only), and store it where you store other secrets (1Password, etc.). The community-built MCP doesn't add a permission layer on top of Folk's API permissions; the key has whatever permissions you assigned it.

For multi-user Folk workspaces, the scoped-AI-user pattern matters more than for first- party hosted MCPs — Folk MCP has no separate scope gating (no Close-Scope header, no OAuth scopes you can dial up/down per session), so the safety boundary is the user account the key belongs to.

Where StackSwap MCP fits

Folk MCP exposes Folk data. The cross-vendor question — "should we move from Folk to Attio as we scale past 5 users", "what does our relationship-led stack actually cost", "which CRM fits our motion at 12 employees" — sits at a different layer. That's where StackSwap MCP slots in: ~400 GTM tools, cost models, overlap pairs, and operator-narrative KB articles. Both MCPs load into the same Claude session.

Want to try Folk?

Folk fits the solo / agency relationship-led motion in 2026 — and the community MCP is a clean fit

14-day free trial, folkX Chrome extension for LinkedIn capture, AI Assistants (Research, Workflow, Follow-up, Recap) bundled. Setup the MCP in 10 min.

Start with Folk →Affiliate link — StackSwap earns a commission if you sign up for Folk. We only partner with tools we'd recommend anyway.

FAQ

Folk MCP is the community-built (but official-adjacent) MCP server for Folk CRM, maintained at github.com/NimbleBrainInc/mcp-folk by NimbleBrain. It's not first-party from Folk in the way Apollo MCP, Close MCP, and Attio MCP are first-party from those vendors — but NimbleBrain ships and maintains it actively, and Folk's team is aware of and supportive of the project. The server uses stdio transport with a FOLK_API_KEY environment variable for authentication. It exposes Folk's core surface: contacts, companies, notes, reminders, and interaction logging.

Three structural differences. (1) Hosting: Folk MCP is self-hosted via stdio (you run the MCP server locally as a Node process); Attio and HubSpot are hosted by the vendor at the platform edge. (2) Auth: Folk MCP uses FOLK_API_KEY (long-lived secret in your client config); Attio and HubSpot use OAuth. (3) Maturity: Folk MCP is community-built and iterates on a different cadence than first-party MCPs — features land when NimbleBrain ships them, not when Folk's product team prioritizes the integration. The operator implication: Folk MCP works well for Folk-shaped solo/agency workflows but doesn't ship the same hosted convenience as Attio or HubSpot.

Folk's CRM is tag-and-list-based (not relational object model like Attio), built for relationship-led solopreneurs, agencies, and small sales teams. The MCP exposes the operations that match that motion: (1) search contacts by tag, list, or company; (2) read contact details + interaction history + linked company; (3) create new contacts or update existing ones with tag assignments; (4) log interactions (meeting notes, calls, emails); (5) create reminders for follow-up. Realistic workflows: ask Claude to summarize this week's interactions across a specific list, draft follow-up reminders for contacts you haven't touched in 30+ days, bulk-tag a list of new contacts from a Chrome-extension capture. The surface is intentionally narrow — Folk's product is narrow.

Treat it as a secret — same as any API key. Put it in the environment variable section of your MCP server config, not in plaintext in the command field. Don't commit your Claude Desktop config to a public repo. The FOLK_API_KEY scopes to your Folk account; the LLM inherits everything that key can do in Folk. For multi-user Folk workspaces, generate a dedicated key for AI work scoped to a single user with limited list/tag access — the scoped-AI-user pattern that applies to every MCP server with a write surface.

Folk MCP requires more setup. (1) Install Node.js if you don't have it. (2) Add an MCP server entry to your Claude Desktop config that runs the mcp-folk Node process via npx with FOLK_API_KEY as an env var. (3) Restart Claude. (4) Verify connectivity. Total: 5-10 min if you're comfortable with JSON config edits. Attio MCP is one-click OAuth from inside Claude (no Node, no config edit). The setup difference reflects the hosted-vs-self-hosted MCP shape — community-built MCPs typically run stdio and require local setup; first-party hosted MCPs typically run over HTTPS with OAuth.

Three honest gaps. (1) No write-confirmation UX at the protocol level — the LLM can fire writes against your Folk workspace, the safety rail is the MCP client's confirmation prompt and the limited write surface itself. (2) No fine-grained scope gating like Close's Close-Scope header — the FOLK_API_KEY has the permissions it has, full stop. (3) Iteration cadence — features land when NimbleBrain ships them, not when Folk wants them. None are dealbreakers for solo/agency motions where Folk fits structurally, but they're worth knowing if you're comparing MCPs across CRM categories.

For solo founders, agencies, and small sales teams already on Folk: install the MCP, it works. For teams choosing a relationship-led CRM in 2026: the MCP layer is a nice-to-have, but Folk's MCP being community-built (not first-party hosted) makes it structurally weaker than Attio's first-party MCP for AI-curious operators. Pick Folk for the fast onboarding + LinkedIn-first capture + AI Assistants bundle; pick Attio when you want first-party hosted MCP and deeper relational object model. The MCP layer follows the CRM choice; for relationship-led under-5-user teams, that means Folk is still the right pick on motion fit and the MCP is an acceptable secondary capability.

For solo / agency / small-team Folk workspaces, yes with the standard setup: dedicated FOLK_API_KEY for AI work, scoped to a single user with limited access, secret stored as an env var not plaintext. The community-built status means there's no SLA on the MCP server itself (if NimbleBrain stops maintaining it, you maintain the fork), but the same risk applies to most community-MCP wrappers for non-MCP-shipping vendors. For enterprise compliance contexts with strict change-control rules, Folk's community MCP would not pass procurement — that's the structural cost of self-hosted community MCP vs first-party hosted.

Folk MCP Review (2026): the community-built MCP that fits Folk's solo / agency motion

What Folk MCP is — and what it isn't

What you can actually do with Folk MCP

Folk MCP vs Attio MCP — the relationship-led head-to-head

The setup gotcha — dedicated FOLK_API_KEY

Where StackSwap MCP fits

FAQ

What is Folk MCP and is it official?

How does Folk MCP differ from Attio MCP or HubSpot MCP?

What can I do with Folk MCP in practice?

Is the FOLK_API_KEY safe to put in my Claude Desktop config?

How does setup work for Folk MCP vs Attio MCP?

What's still missing in Folk MCP vs the first-party MCPs?

Should Folk MCP change my CRM evaluation in 2026?

Is Folk MCP production-safe?

Related reading