opsorch-mcp
Verified Safe by OpsOrch
Overview
The opsorch-mcp server acts as a Model Context Protocol (MCP) adapter, exposing read-only OpsOrch Core HTTP APIs as safe tools for Large Language Models (LLMs) and agent runtimes to query operational data.
Installation
docker run -d --name opsorch-mcp -p 7070:7070 -e OPSORCH_CORE_URL=http://localhost:8080 -e OPSORCH_CORE_TOKEN=changeme -e MCP_HTTP_PORT=7070 ghcr.io/opsorch/opsorch-mcp:latest
Environment Variables
- OPSORCH_CORE_URL
- OPSORCH_CORE_TOKEN
- OPSORCH_CORE_TIMEOUT_MS
- OPSORCH_LOG_LEVEL
- MCP_HTTP_PORT
- MCP_HTTP_ALLOW_ORIGINS
- MCP_HTTP_ALLOW_HOSTS
Security Notes
The server's core functionality is explicitly read-only, which significantly reduces the attack surface for data manipulation. It uses environment variables for sensitive configurations like `OPSORCH_CORE_URL` and `OPSORCH_CORE_TOKEN`, which is a good practice. The HTTP transport includes configurable CORS (`MCP_HTTP_ALLOW_ORIGINS`) and Host header allow-lists (`MCP_HTTP_ALLOW_HOSTS`), enhancing network security for remote clients. Input validation is performed using `zod` schemas before making calls to the OpsOrch Core. There are no direct uses of `eval` or similar dangerous functions. The default `OPSORCH_CORE_TOKEN='demo'` for local development is a minor concern if not changed for production but is clearly documented. Overall, the code appears robust against common web vulnerabilities, relying on the security of the underlying 'OpsOrch Core' for data integrity.
Similar Servers
klavis
Develop and deploy AI agents that interact with a wide array of web services (e.g., Gmail, YouTube, LinkedIn, Supabase, Salesforce, Kubernetes) through a standardized Model Context Protocol (MCP), often orchestrated by an intelligent routing layer like Strata.
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
bifrost
A high-performance AI gateway with a unified interface for multiple LLM providers, offering real-time monitoring and configuration.
lunar
The Lunar MCP Server acts as an HTTP proxy, designed to intercept, analyze, and manage API traffic within a Python environment, applying policies for caching, throttling, queueing, and collecting data for observability.