MCP-Server
by MADARAKZ
Overview
Manages Kubernetes OPA Gatekeeper policies using natural language commands, powered by Google Gemini AI.
Installation
export GEMINI_API_KEY="your-api-key" && ./mcp-client -server ./mcp-serverEnvironment Variables
- GEMINI_API_KEY
- KUBECONFIG
Security Notes
CRITICAL VULNERABILITY: The `mcp-client/ai.go` explicitly disables SSL/TLS certificate verification by setting `TLSClientConfig: &tls.Config{InsecureSkipVerify: true}` when connecting to the Google Gemini API. This makes the connection highly susceptible to Man-in-the-Middle (MITM) attacks, allowing an attacker to intercept, read, and modify communication (including the GEMINI_API_KEY) without detection. This is a severe security flaw. Additionally, the `mcp-server/k8s.go` executes `kubectl` commands based on input from the client (and implicitly, the AI). While `exec.CommandContext` mitigates simple shell injection, the server acts as a trusted executor for arbitrary YAML content (from files or AI-generated manifests). There is no inherent validation of the YAML content itself by the server before applying it, making the system vulnerable to malicious policy definitions or resource deployments if the AI hallucinates harmful content or the client is compromised.
Similar Servers
kubernetes-mcp-server
Facilitates AI agent interaction with Kubernetes and OpenShift clusters by exposing management and observability tools via the Model Context Protocol.
gcloud-mcp
Enables AI assistants to interact with the Google Cloud environment using the gcloud CLI for natural language cloud management and workflow automation.
mcp-k8s-go
This MCP server enables interaction with Kubernetes clusters to list, get, apply, and execute commands on various resources through a conversational interface.
mcp-kubernetes
Enables AI assistants to interact with and debug Kubernetes clusters by translating natural language requests into Kubernetes operations.