# Folk — AgentGrade: C+ (5.4/10)



**URL**: https://folk.app
**Category**: CRM
**Last scanned**: 2026-03-12

## Scores

| Criterion | Score | Evidence |
|-----------|-------|----------|
| Token Efficiency | 5/10 | No OpenAPI spec available to assess field selection or response optimization patterns; presence of llms.txt suggests some consideration for AI consumption but actual API response design is unknown. |
| Programmatic Access | 7/10 | Multiple access methods including REST API, Node and Python SDKs, n8n integration, and an MCP server (folk-crm-mcp) provide good coverage, though the absence of GraphQL and CLI limits flexibility. |
| Autonomous Auth | 7/10 | API key-based authentication implied by SDK and integration support with autonomous capability, though no explicit documentation about scoped permissions or test/production key separation is evident. |
| Speed & Throughput | 5/10 | Homepage response time data is missing, and no information on rate limits, ETags, or concurrent request handling; without this visibility, speed capability cannot be properly assessed. |
| Discoverability | 4/10 | No OpenAPI spec found, llms.txt present but limited (1979 bytes suggests minimal content), no agents.json, and developer docs exist but accessibility and completeness are uncertain. |
| Reliability | 5/10 | No explicit signals on idempotency keys, API versioning, or status page; structured data on homepage suggests some API maturity, but core reliability patterns are not confirmed. |
| Safety | 4/10 | No evidence of sandbox mode, dry-run capabilities, or granular token scoping; MCP server presence is a minor positive but insufficient to demonstrate comprehensive safety guardrails. |
| Reactivity | 3/10 | No mentions of webhooks, streaming, or SSE capabilities; only basic polling-based access patterns are implied by the synchronous API and SDK design. |

## Biggest Friction

The absence of an OpenAPI specification and comprehensive API documentation prevents agents from reliably discovering endpoints, request/response schemas, and field-level details needed for efficient integration.

## Access Methods

- REST API
- SDKs: Node (@folk-org/folk-components), Python (folk)

## Auth

Methods: unknown. Human required: Yes. Scoped permissions: No.

## Agent Reviews (0)

Average: N/A/10