@aiwerk/mcp-server-wise
Wise (TransferWise) Personal API MCP server. Read-only: profiles, balances, rates, transfers, recipients.
Tools (v0.1.4, 11 read-only)
wise_list_profiles,wise_get_profilewise_list_balances,wise_get_balancewise_get_exchange_rate,wise_get_exchange_rate_historywise_list_transfers,wise_get_transferwise_list_recipients,wise_get_recipient,wise_get_account_requirements
Write tools (create/fund/cancel transfer, create/delete recipient, create quote) are intentionally not in v0.1.x — they require idempotency + SCA state-machine handling, planned for v0.2.0.
Configuration
| Env var | Required | Default | Purpose |
|---|---|---|---|
WISE_API_TOKEN |
yes | — | Personal API token from https://wise.com/settings/api-tokens |
WISE_API_BASE_URL |
no | https://api.wise.com |
Sandbox override: https://api.sandbox.transferwise.tech |
WISE_API_TIMEOUT_MS |
no | 30000 |
Per-request timeout |
WISE_API_ALLOW_UNSAFE_BASE_URL |
no | — | Dangerous override — see below |
Base URL safety
WISE_API_BASE_URL is locked down by default:
- Must use
https:// - Host must be on the allowlist:
api.wise.comorapi.sandbox.transferwise.tech
Violation throws WiseConfigError before any Bearer token leaves the machine. This prevents token exfiltration via a misconfigured env, a bad CI value, or a malicious override.
Dangerous override: set
WISE_API_ALLOW_UNSAFE_BASE_URL=1to bypass both checks (allowhttp://and arbitrary hosts). Only use for local testing against a mock server. Never enable this in production or with a real Wise token. The token will be sent to whatever host you configure.
Install
Two ways to run this server — pick the one that fits.
Option 1 — Hosted (zero setup)
No local runtime, no env vars on your machine — your Wise token is AES-256-GCM encrypted server-side via HashiCorp Vault.
- Sign up at aiwerkmcp.com.
- Install Wise from the catalog and paste your
WISE_API_TOKEN. - Point your MCP client (Claude.ai, Cursor, Hermes, …) at your hosted endpoint:
with your Bearer token.https://bridge.aiwerk.ch/u/<your-user-id>/mcp
All 11 read-only tools appear. Install other AIWerk recipes from the same bridge.
Option 2 — Self-hosted (npx)
Run directly — you manage the token:
WISE_API_TOKEN=xxx npx @aiwerk/mcp-server-wise
Or install globally:
npm install -g @aiwerk/mcp-server-wise
WISE_API_TOKEN=xxx mcp-server-wise
Error taxonomy
Errors surface as MCP isError: true responses with distinct prefixes:
Timeout: …— request exceededWISE_API_TIMEOUT_MS(wrapsAbortController)Network error: …— fetch rejected (DNS, connection reset, etc.)Configuration error: …— missing token or invalid base URLWise API error <status> …— HTTP 4xx/5xx response from Wise
Typical flow
wise_list_profiles→ pickprofileIdwise_list_balances({profileId})→ see available currencies / amountswise_get_exchange_rate({source, target})→ check ratewise_list_transfers({profileId, status})→ history / status lookup
Build / dev notes
src/version.tsis generated frompackage.jsonbyscripts/gen-version.mjs(runs asprebuild/predev/pretest). The file IS committed so a fresh clone compiles immediately.- The generator is idempotent: it only writes when the version actually changes. So
npm run buildon an in-sync tree leaves the working copy clean. - Bumping
package.json's version and running any ofbuild/dev/testis enough to propagate — no separate manual step onsrc/version.ts.
About AIWerk MCP
Part of the AIWerk MCP platform — curated, signed MCP recipes served either as npm packages for self-hosting or through our multi-tenant hosted bridge (bridge.aiwerk.ch).
Other AIWerk MCP servers:
- @aiwerk/mcp-server-cal — Cal.com scheduling
- @aiwerk/mcp-server-imap — IMAP/SMTP email, provider-agnostic
- @aiwerk/mcp-server-clawhub — ClawHub skill catalog
Browse the full catalog (20+ recipes including GitHub, Linear, Notion, Stripe, …) at aiwerkmcp.com.
Licence
MIT © 2026 AIWerk
