ibmz-mcp-server
Verified Safeby PurpleSquirrelMedia
Overview
Integrate Claude Code with IBM Z mainframe capabilities for HSM-backed key management and exposing z/OS applications as REST APIs, enabling AI-powered enterprise operations and security.
Installation
node index.jsEnvironment Variables
- IBM_CLOUD_API_KEY
- KEY_PROTECT_INSTANCE_ID
- KEY_PROTECT_URL
- ZOS_CONNECT_URL
- ZOS_CONNECT_USERNAME
- ZOS_CONNECT_PASSWORD
Security Notes
The repository contains numerous hardcoded API keys and instance IDs within its demo scripts, which is a significant security risk as it can lead to accidental exposure or misuse if not properly managed. While the main server (`index.js`) correctly uses environment variables for sensitive configuration, the presence of hardcoded secrets in related files is a major concern. The `zos_connect_call_service` tool allows constructing arbitrary requests to a configurable mainframe URL; although path parameters are encoded and payloads are JSON stringified, this tool presents a potential Server-Side Request Forgery (SSRF) risk if `ZOS_CONNECT_URL` can point to internal networks, and a risk of exploiting vulnerabilities in target mainframe applications if Claude is prompted to craft malicious API calls.
Similar Servers
claude-code-mcp
Acts as an MCP server to enable LLMs to run Claude Code CLI in one-shot mode, bypassing permissions for complex coding, file system, Git, and terminal operations.
consult-llm-mcp
An MCP server that allows AI agents like Claude Code to consult stronger, more capable AI models (e.g., GPT-5.2, Gemini 3.0 Pro) for complex code analysis, debugging, and architectural advice.
mcp-ssh-manager
Manages remote SSH servers via the Model Context Protocol (MCP), enabling AI assistants like Claude Code and OpenAI Codex to execute commands, transfer files, monitor health, and automate DevOps tasks.
claude-team
Orchestrate multiple AI coding sessions (Claude Code, Codex) via iTerm2, enabling parallel development, isolated work environments, and streamlined task management.