ClauseLens MCP
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@ClauseLens MCPAnalyze contract https://example.com/contract from buyer perspective"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
ClauseLens MCP
ClauseLens is a production remote MCP (Model Context Protocol) server that turns Claude or Cursor into a contract analyst. It exposes structured tools for fetching documents, segmenting clauses, verifying spans, and accessing a risk taxonomy — the connecting LLM does all reasoning. No documents are retained and no LLM calls are made server-side.
Architecture
┌─────────────────────┐
│ Claude / Cursor │ (does all reasoning, zero server-side LLM calls)
└────────┬────────────┘
│ HTTPS + JWT (OAuth 2.1 via WorkOS AuthKit)
▼
┌─────────────────────┐
│ Railway (public │ (TLS termination, public HTTPS URL)
│ HTTPS endpoint) │
└────────┬────────────┘
│
▼
┌─────────────────────────────────────────────────────┐
│ FastMCP 3.x (Streamable HTTP) │
│ │
│ Auth middleware: JWT validation + rate limiting │
│ │
│ Tools: │
│ fetch_document ──► SSRF-hardened HTTP fetch │
│ segment_clauses ──► heuristic clause splitter │
│ verify_spans ──► grounding guardrail │
│ get_risk_taxonomy ► taxonomy lookup │
│ │
│ Resources: │
│ clauselens://taxonomy │
│ clauselens://severity-rubric │
│ │
│ Prompt: │
│ analyze_contract │
│ │
│ No document retention — all processing in-memory │
└─────────────────────────────────────────────────────┘Related MCP server: contextflow-mcp
MCP Surface
Tools
Tool | Description |
| SSRF-hardened HTTP fetch. Extracts readable text via trafilatura. 10s timeout, 2MB cap, 100k char extracted text cap. Rate-limited per user (10 req/hour default). Returns |
| Splits contract text into clauses with exact character offsets. Invariant: |
| Grounding guardrail. Verifies that clause spans still match the original text. Claude must drop any clause that fails. Returns |
| Returns the 15 risk categories with definitions and signal language. Returns |
Resources
Resource URI | Description |
| 15 risk categories in markdown format |
| 4-level severity scale: critical, high, medium, low |
Prompt
analyze_contract(document, is_url, perspective)
Injects a full 9-step contract analysis workflow into the conversation.
Parameter | Type | Description |
| string | Contract text or URL |
| bool | Whether |
| string | Analyzing party's perspective (e.g. "vendor", "buyer") |
Connecting Claude
Go to Claude.ai → Settings → Integrations → Add MCP Server
Enter the MCP URL:
https://YOUR-SUBDOMAIN.railway.app/mcpSign in with WorkOS AuthKit when prompted
The ClauseLens tools, resources, and prompt will now be available in Claude
Deploy to Railway
Prerequisites
Railway CLI:
npm install -g @railway/cliWorkOS account with AuthKit configured (see WorkOS AuthKit Setup)
Steps
Fork or clone this repository:
git clone https://github.com/YOUR_USERNAME/clauselens-mcp.git cd clauselens-mcpLog in and link to Railway:
railway login railway linkDeploy:
railway upSet environment variables in the Railway dashboard (Project → Variables):
Variable
Description
WORKOS_CLIENT_IDWorkOS application client ID (e.g.
client_01...)WORKOS_API_KEYWorkOS API key (e.g.
sk_live_...)WORKOS_JWKS_URIJWKS endpoint:
https://api.workos.com/sso/jwks/<client_id>WORKOS_AUDIENCEJWT audience claim, set to
clauselensRATELIMIT_REQUESTSRequests per window per user (default:
10)RATELIMIT_WINDOW_SECONDSRate limit window in seconds (default:
3600)PORTPort for the server (Railway sets this automatically; default:
8000)MCP_PUBLIC_URLFull public URL of the MCP endpoint, e.g.
https://YOUR-SUBDOMAIN.railway.app/mcpRailway assigns a public HTTPS URL automatically. Use it as your MCP Server URL.
Local Development
Install dependencies:
pip install -r requirements.txtCopy
.env.exampleand fill in your values:cp .env.example .env # edit .env with your WorkOS credentialsStart the server:
python server.py
The server will listen on http://localhost:8000/mcp by default.
Running Tests
pip install -r requirements-dev.txt
pytest -vThe test suite contains 47 tests covering tools, auth middleware, rate limiting, SSRF hardening, and schema validation.
WorkOS AuthKit Setup
Go to workos.com and create an account
Navigate to AuthKit → Applications
Create or select an application
Collect the following values:
Client ID: shown on the application overview page
API Key: found under API Keys in your WorkOS dashboard
JWKS URI:
https://api.workos.com/sso/jwks/<your-client-id>
Set
WORKOS_AUDIENCEtoclauselens(must match theaudclaim in issued JWTs)
Security
SSRF hardening: fetch_document blocks requests to private IP ranges (RFC 1918, loopback, link-local, metadata endpoints), validates schemes (HTTPS only in production), and enforces a 10-second timeout with a 2MB response cap.
No document retention: All document processing happens in-memory during the request lifecycle. No contract text, extracted content, or analysis results are stored, logged, or persisted anywhere.
Rate limiting: Per-user token-bucket rate limiter enforced in-process. Default: 10 requests per hour. Configurable via RATELIMIT_REQUESTS and RATELIMIT_WINDOW_SECONDS.
Authentication: Every request must carry a valid JWT issued by WorkOS AuthKit. Unauthenticated or invalid requests are rejected before any tool logic runs.
Disclaimer
ClauseLens provides automated information, not legal advice.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/Jaydatta-Bade/clauselens-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server