← Back to search
paracetamol951/kash

Kash — POS, Invoicing, CRM & Webshop

# Kash MCP Server — Official Integration > **Connect your Kash business to Claude, ChatGPT, and any MCP-compatible AI — and run your entire operation through natural conversation.** Kash has been a free, cloud-based point-of-sale solution since 2011, trusted by thousands of merchants across restaurants, retail, bakeries, florists, food trucks, and more. This MCP server is the official bridge between Kash and the new generation of AI assistants, turning every tool in your business into something you can simply talk to. --- ## What is Kash? Kash (kash.click) is a complete, free business management platform built for small and medium businesses. It goes far beyond a simple cash register: - **Point of Sale** — touchscreen-ready, works on any device (Android, iOS, Windows, Mac), online and offline - **Invoicing & Quotes** — generate PDF invoices, quotes, delivery notes, and expense reports in seconds - **CRM** — manage your full customer base with contact details, purchase history, loyalty points, credits, and custom fields - **Online Store / Webshop** — built-in e-commerce storefront synced with your catalog and inventory - **Inventory Management** — real-time stock tracking, alerts, supplier management, and buying prices - **Delivery Management** — table service, takeaway, drive-through, home delivery, relay points, and shipping - **Loyalty & Marketing** — loyalty cards, loyalty points, coupons, vouchers, referral programs, and marketing campaigns - **Payment Flexibility** — cash, card (SumUp, Yavin, Viva.com), PayPal, Lydia, GoCardless, direct debit, and even cryptocurrency - **Reporting & Analytics** — sales reports, revenue charts, export to CSV, accounting chapter mapping, and Pennylane integration - **Multi-user & Multi-cashbox** — manage staff access, roles, and multiple physical or virtual cashboxes All of this is **free** for small businesses, with no mandatory subscription. --- ## What Does This MCP Server Do? This server exposes the full Kash API as **35 MCP tools**, letting any compatible AI assistant — Claude, ChatGPT, n8n, or your own automation — interact with your Kash account through natural language. No more clicking through menus. Just talk. --- ## What You Can Do ### 🔐 Account & Authentication Get started without leaving the conversation. You can create a Kash account, find existing accounts linked to your email, and authenticate via a secure one-time password (OTP) sent to your inbox — all from within the chat. ``` "Create a Kash account for my restaurant" "Log me in with my email" "I received the OTP code: 847291" ``` ### 🧾 Sales & Orders Record sales in real time, attach them to tables or customers, apply payment methods, add comments, and handle delivery modes — all from a single sentence. ``` "Record a sale of 2 espressos and a croissant at table 5, paid by card" "Show me today's sales" "What orders are pending for delivery tonight?" "Give me the detail of order #1042" ``` ### 📦 Catalog Management Add, update, or remove items, departments, and VAT rates on the fly. Adjust prices, link variations, set stock levels, toggle visibility — without opening the back office. ``` "Add a new item called 'Seasonal Tart' at €4.50 in the Pastries department" "Update the price of the Margherita pizza to €12" "Create a new department called 'Summer Menu'" "Add a 10% VAT rate" ``` ### 👥 Customer Management (CRM) Maintain a full customer database. Add new customers, update contact details, manage addresses, company registration numbers, VAT numbers, blacklist status, and private notes. ``` "Add a new customer: John Smith, john@example.com, +33612345678" "Update the address for customer #204" "Show me all my customers" ``` ### 📊 Data & Reporting Retrieve any data from your shop instantly — products, departments, VAT rates, users, cashboxes, payment methods, delivery zones, discounts, tables, relay points, and more. ``` "List all my products" "What payment methods are configured?" "Show me this week's orders" "How many tables do I have?" ``` --- ## Example Conversations Here are real things you can ask once connected: > *"Show me today's sales"* > *"Record a sale of 2 coffees and 1 croissant at table 84"* > *"How is the business doing so far this year?"* > *"Can you analyse my sales history and give me recommendations?"* > *"Add a new seasonal item to my menu at €8.50"* > *"Which customers haven't ordered in the last 3 months?"* > *"Generate a cash register report for the week"* > *"How many orders have to be delivered tonight?"* > *"I need to add a new VAT rate of 5.5% for food items"* --- ## Available Tools (35) | Category | Tools | |---|---| | **Account** | `account_list`, `account_create` | | **Authentication** | `auth_request_otp`, `auth_login_with_otp`, `auth_logout` | | **Sales** | `sale_create`, `order_detail`, `data_list_orders` | | **Catalog — Items** | `plu_add`, `plu_edit`, `plu_delete`, `data_list_products` | | **Catalog — Departments** | `dept_add`, `dept_edit`, `dept_delete`, `data_list_departments`, `data_list_department_groups` | | **Catalog — VAT** | `vat_add`, `vat_edit`, `vat_delete`, `data_list_vats` | | **CRM** | `client_add`, `client_edit`, `client_delete`, `data_list_clients` | | **Data** | `data_list_users`, `data_list_tables`, `data_list_cashboxes`, `data_list_payments`, `data_list_discounts`, `data_list_variations`, `data_list_delivery_men`, `data_list_delivery_zones`, `data_list_relay_points` | | **Utility** | `ping` | --- ## Who Is This For? This MCP server is ideal for: - **Restaurant & café owners** who want to record orders, track tables, and analyse revenue through conversation - **Retail shop managers** who need to quickly update prices, add items, or check stock without navigating the back office - **Bakeries, florists, food trucks** and any local business that wants an AI assistant deeply connected to their daily operations - **Developers & agencies** building AI-powered workflows on top of a proven POS platform - **n8n / automation users** who want to trigger Kash actions from workflows --- ## Getting Started ### Option 1 — You already have a Kash account Simply connect via OAuth. The server will ask for your login email and send you a one-time password to verify your identity. Once authenticated, all 35 tools are immediately available. ### Option 2 — You don't have a Kash account yet No problem — just ask the AI to create one for you: > *"Create a Kash account for my bakery, my email is hello@mybakery.com"* The account is created instantly, the session is initialized automatically, and you're ready to go. Don't forget to validate your email via the link sent to your inbox. --- ## Technical Details - **Protocol**: MCP (Model Context Protocol) over HTTP Streamable - **Authentication**: OAuth 2.0 with PKCE (S256) — secure, no password required - **Hosted server**: `https://mcp.kash.click/mcp` - **Self-hosted option**: Available via `npx caisse-enregistreuse-mcp-server` or Docker - **Open source**: [github.com/paracetamol951/caisse-enregistreuse-mcp-server](https://github.com/paracetamol951/caisse-enregistreuse-mcp-server) - **License**: GPL v3 --- ## Links - 🌐 [kash.click](https://kash.click) — Kash website - 📖 [Documentation](https://kash.click/cash-register-software/) — Full help center - 🔧 [API Reference](https://kash.click/cash-register-software/mcp/) — MCP & API docs - 💻 [GitHub](https://github.com/paracetamol951/caisse-enregistreuse-mcp-server) — Source code - 🆓 [Register for free](https://kash.click/free-pos-software/) — Create your account

Decision: Block for production
Why: failing live status + score below evaluation threshold
Next: revalidate, add safeguards, export policy
EXECUTIVE VERDICT

Executive verdict

Production trust decision: Block for production
Reason: failing live status + score below evaluation threshold
Next action: revalidate, add safeguards, export policy
Production decision
Block for production
failing live status + score below evaluation threshold
Current score
43.2
Snapshot trustsnap_5b58c7577ca4ee65
Next action
revalidate, add safeguards, export policy
Claim the profile to add evidence, trigger validation, and configure monitoring.
Compare alternatives Export policy Open report JSON
Observed Attention
No observed attention
No observed attention in the current 30-day window.
  • No segmented attention signals observed in the current window.
Bucketed signal based on recent segmented Verify telemetry. Crawler and evaluator activity is not treated as confirmed human demand.
Status
Failing
Score
43.2
Transport
unknown
Tools
0

Current trust snapshot

Snapshot ID
trustsnap_5b58c7577ca4ee65
Use this ID to compare server page, report, policy, MCP, homepage, ranking, and shortlist surfaces.
Snapshot generated
Jul 19, 2026 04:05:22 AM UTC
All page, report, policy, and MCP surfaces use this same server-detail snapshot shape.
Last validated
Jul 18, 2026 10:29:29 PM UTC
Age: 5.6h • freshness band: Verified in last 24h • display score: 43.21
Production trust decision
Block for production
failing live status + score below evaluation threshold
Readiness class
unknown

Canonical machine links

SERVER OWNER FUNNEL

Own this MCP?

Claim ownership, prove control with a GitHub, DNS, HTTP, MCP metadata, or email-domain challenge, revalidate now, publish a badge, configure monitoring, and unlock a verified server profile.

1. Claim
unclaimed
with GitHub, DNS, or HTTP challenge instructions.
2. Revalidate
POST /v1/servers/paracetamol951/kash/revalidate
Verified owners get priority queueing after proof succeeds.
3. Badge
Verified by MCP Verify badge
Verified by MCP Verify - score 43.2 - last checked Jul 18, 2026
4. Monitor
Continuous Verify plan is self-serve: choose a tier, configure watches, add authenticated validation, trigger revalidation, and use the badge.
Paid profile
Add verified publisher identity, security metadata, evidence packs, badge customization, and owner analytics without buying a better score.
Badge embed
[![Verified by MCP Verify](https://verify.sentinelsignal.io/badge/paracetamol951/kash.svg)](https://verify.sentinelsignal.io/servers/paracetamol951/kash)

MCP TrustOps

TrustOps turns this report into operational controls: freshness SLAs, authenticated validation, semantic benchmarks, policy exports, alert subscriptions, badges, cost/compliance metadata, and runtime routing. Fresh trusted index decisions stay separate from long-tail inventory so stale scores do not masquerade as current evidence.

Freshness band
Verified in last 24h
Policy SLA: 168.0h • confidence-weighted score: 21.6 • stale score suppressed:
Policy exports
Formats: json, rego, yaml, github_action, gateway_config, client_report
Runtime routing
/v1/decide
Returns allowed tools, blocked tools, approval requirement, and reason.
Hosted runtime
Deploy trusted servers from GitHub with secrets, egress controls, releases, rollback, and audit events.
Authenticated validation
Premium publisher feature: paid authenticated runs verify scopes, write-action safeguards, and authorized tool execution.
Active trust badges
Freshly Validated No Critical Risk
Semantic benchmarks
template ready
Templates cover GitHub, database, healthcare, web search, and CRM least-privilege jobs.
Supply chain
not scanned
Deep scan checks are marked separately from public metadata signals.
Compliance metadata
Terms, privacy, SOC 2, HIPAA, GDPR, retention, deletion, and audit-log fields are tracked as enterprise metadata.
Alert subscription types
Status changes Score drops or recovers Freshness SLA breach Validation schema drift OAuth or auth behavior changes Tool surface changes New or changed write tool Supply-chain signal changes Legal or compliance metadata changes

MCP Runtime hosting

No hosted runtime profile is available yet.

Production readiness class

Production readiness class
Unknown
Fast server evidence is served while Verify protects web capacity.
Critical alerts
0
Production verdicts degrade quickly when critical alerts are active.

Evidence confidence

Confidence score
0.0
Full server evidence will be rebuilt by the regular cache refresh path.
Live checks captured
0
More direct checks increase trust in the current verdict.
Validation age
n/a
Lower age means fresher evidence.

Recommended for

No recommendation profile is available yet.

Client compatibility verdicts

No client compatibility verdicts are available yet.

Why compatibility is limited by client

No per-client remediation checklist is available yet.

Verdict traces

No verdict trace data is available yet.

Publishability policy profiles

No publishability policy profiles are available yet.

Compatibility fixtures

No compatibility fixtures are available yet.

Authenticated validation sessions

No authenticated validation detail is available yet.

Public validation is free. Authenticated validation is paid and proves scoped behavior, write-action safeguards, and authenticated tool execution.

Public server reputation

No public server reputation signals are available yet.

Incident & change feed

No incidents or changes recorded yet.

Capabilities

Use-case taxonomy
No taxonomy tags yet.

Security posture

No security posture summary available yet.

Agent Commerce & Payment Readiness - Beta

No agent-commerce assessment available yet.

Tool capability & risk inventory

No tool inventory available from the latest validation run.

Write-action governance

No write-action governance summary is available yet.

Action-controls diff

Need at least two validation runs before diffing action controls.

Why this score?

No score decomposition available yet.

Algorithmic score breakdown

Auth Operability
0/4
Measures whether auth discovery and protected access behave predictably for clients.
Error Contract Quality
0/4
Grades machine-readable error structure, status alignment, and remediation hints.
Rate-Limit Semantics
2/4
Checks whether quota/throttle responses are deterministic and automation-friendly.
Schema Completeness
0/4
Completeness of tool descriptions, parameter docs, examples, and schema shape.
Backward Compatibility
4/4
Stability score across tool schema/name drift relative to prior validations.
SLO Health
3.4/4
Availability, latency, and burst-failure profile across recent validation history.
Security Hygiene
1.5/4
HTTPS posture, endpoint hygiene, and response-surface hardening checks.
Task Success
1.7/4
Can an agent reliably initialize, enumerate tools, and execute core MCP flows?
Trust Confidence
0.3/4
Confidence-adjusted reliability score that penalizes low evidence volume.
Abuse/Noise Resilience
3/4
How well the server preserves core behavior in the presence of noisy traffic patterns.
Prompt Contract
2/4
Quality of prompt metadata, argument shape, and prompt discoverability for clients.
Resource Contract
2/4
How completely resources and resource templates describe URIs, types, and usage shape.
Discovery Metadata
3/4
Homepage, docs, icon, repository, support, and license coverage for directory consumers.
Registry Consistency
3/4
Agreement between stored registry metadata, live server-card data, and current validation output.
Installability
2/4
How cleanly a real client can connect, initialize, enumerate tools, and proceed through auth.
Session Semantics
0/4
Determinism and state behavior across repeated MCP calls, including sticky-session surprises.
Tool Surface Design
0/4
Naming clarity, schema ergonomics, and parameter complexity across the tool surface.
Result Shape Stability
0/4
Stability of declared output schemas across validations, with penalties for drift or missing shapes.
OAuth Interop
0/4
Depth and client compatibility of OAuth/OIDC metadata beyond the minimal protected-resource check.
Recovery Semantics
0/4
Whether failures include actionable machine-readable next steps such as retry or upgrade guidance.
Maintenance Signal
1.9/4
Versioning, update recency, and historical validation cadence that indicate active stewardship.
Adoption Signal
2/4
Directory presence and distribution clues that suggest the server is intended for external use.
Freshness Confidence
1.5/4
Confidence that recent validations are current enough and dense enough to trust operationally.
Transport Fidelity
0/4
Whether declared transport metadata matches the observed endpoint behavior and response formats.
Spec Recency
2/4
How close the server’s claimed MCP protocol version is to the latest known public revision.
Session Resume
0/4
Whether Streamable HTTP session identifiers and resumed requests behave cleanly for real clients.
Step-Up Auth
3/4
Whether OAuth metadata and WWW-Authenticate challenges support granular, incremental consent instead of broad upfront scopes.
Transport Compliance
1/4
Checks session headers, protocol-version enforcement, session teardown, and expired-session behavior.
Utility Coverage
2/4
Signals support for completions, pagination, and task-oriented utility surfaces that larger clients increasingly expect.
Advanced Capability Coverage
2/4
Coverage of newer MCP surfaces like roots, sampling, elicitation, structured output, and related metadata.
Connector Publishability
0/4
How ready the server looks for client catalogs and managed connector programs.
Tool Snapshot Churn
0/4
Stability of the tool surface across recent validations, including add/remove and output-shape drift.
Connector Replay
3/4
Whether a previously published frozen connector snapshot would remain backward compatible after the latest tool refresh.
Request Association
3/4
Whether roots, sampling, and elicitation appear tied to active client requests instead of arriving unsolicited on idle sessions.
Interactive Flow Safety
3/4
Whether prompts and docs steer users toward safe auth flows instead of pasting secrets directly.
Action Safety
3/4
Risk-weighted view of destructive, exec, egress, and confirmation semantics across the tool surface.
Official Registry Presence
3/4
Whether the server appears directly or indirectly in the official MCP registry.
Provenance Divergence
4/4
How closely official registry metadata, the live server card, and public repo/package signals agree with each other.
Safety Transparency
4/4
Clarity of docs, auth disclosure, support links, and other trust signals visible to integrators.
Tool Capability Clarity
0/4
How clearly the tool surface communicates whether each action reads, writes, deletes, executes, or exports data.
Destructive Operation Safety
3/4
Penalizes delete/revoke/destroy style tools unless auth and safeguards reduce blast radius.
Egress / SSRF Resilience
3/4
Assesses arbitrary URL fetch, crawl, webhook, and remote-request exposure on the tool surface.
Execution / Sandbox Safety
4/4
Evaluates shell, code, script, and command-execution exposure and whether that surface appears contained.
Data Exfiltration Resilience
3/4
Assesses export, dump, backup, and bulk-read behavior against the surrounding auth and safeguard signals.
Least Privilege Scope
2/4
Rewards scoped auth metadata and penalizes broad or missing scopes around privileged tools.
Secret Handling Hygiene
3/4
Assesses secret-bearing tools, token leakage risk, and whether the public surface avoids obvious secret exposure.
Supply Chain Signal
0.5/4
Public metadata signal for repository, changelog, license, versioning, and recency that supports supply-chain trust.
Input Sanitization Safety
0/4
Penalizes risky freeform string inputs when schemas do not constrain URLs, code, paths, queries, or templates.
Tool Namespace Clarity
0/4
Measures naming uniqueness and ambiguity across the tool namespace to reduce collision and confusion risk.

Compatibility profiles

No compatibility profiles available.

Actionable remediation

No remediation items. Current evidence does not show urgent client-facing fixes.

Point loss breakdown

No current score penalties are recorded.

Validation diff

Need at least two validation runs before diffing changes.

Tool snapshot diff & changelog

Need at least two validation runs before building a tool changelog.

Connector replay

No connector replay evidence is available yet.

Transport compliance drilldown

No transport compliance drilldown is available yet.

Request association

No request-association evidence is available yet.

Utility coverage

No utility-coverage summary is available yet.

Benchmark tasks

No benchmark tasks are available yet.

Registry & provenance divergence

No provenance-divergence summary is available yet.

Active alerts

No active alerts for the current server state.

Aliases & registry graph

No aliases discovered for this server.

Alias consolidation

No alias consolidation details are available yet.

Install snippets

No install snippets available.

Agent access & tool surface

Live server tools
No live tool surface captured yet.
Observed from the latest live validation against none. This is the target server surface, not Verify's own inspection tools.
Live capability counts
0 tools • 0 prompts • 0 resources
Counts come from the latest tools/list, prompts/list, and resources/list checks.
Inspect with Verify
search fetch search_servers recommend_servers get_server_report compare_servers
Use Verify itself to search, recommend, compare, and fetch the full report for paracetamol951/kash.
Direct machine links

Claims & monitoring

Server ownership

No verified maintainer claim recorded.

Watch subscriptions
0
Teams: none

Alert routing

No alert routing is configured yet.

Maintainer analytics

No maintainer analytics available.

Maintainer response quality

No maintainer response quality signals are available yet.

Maintainer annotations

No maintainer annotations have been recorded yet.

Maintainer rebuttals & expected behavior

No maintainer rebuttals or expected-behavior overrides are recorded yet.

Latest validation evidence

No validation run available yet.

Raw evidence view

No raw evidence recorded.

Known versions

Validation history

No historical trend summary is available yet.

Validation timeline

No validation timeline is available yet.

Recent validation runs

StartedStatusSummaryLatencyChecks
No validation runs yet.