insights-mcp
Verified Safeby RedHatInsights
Overview
The server acts as a unified Model Context Protocol (MCP) interface for Red Hat Insights services, enabling AI agents to interact with Advisor, Image Builder, Inventory, Planning, Remediations, and Vulnerability APIs.
Installation
podman run --env INSIGHTS_CLIENT_ID=<YOUR_CLIENT_ID> --env INSIGHTS_CLIENT_SECRET=<YOUR_CLIENT_SECRET> --interactive --rm ghcr.io/redhatinsights/insights-mcp:latestEnvironment Variables
- INSIGHTS_CLIENT_ID
- INSIGHTS_CLIENT_SECRET
- INSIGHTS_BASE_URL
- INSIGHTS_TOKEN_ENDPOINT
- INSIGHTS_REFRESH_TOKEN
- INSIGHTS_PROXY_URL
- OAUTH_ENABLED
- INSIGHTS_TOOLSET
- CONTAINER_BRAND
- OAUTH_CLIENT
Security Notes
The codebase generally follows good security practices, including obtaining credentials via environment variables. However, `jwt.decode` is used without signature verification (`options={'verify_signature': False}`) when extracting claims like `rh-org-id` or `rh-user-id` from access tokens. This is noted as being 'for reading claims, not validating' in the code. While potentially acceptable if actual authorization decisions are made by downstream Red Hat APIs, it means the MCP server itself does not verify the integrity of the token claims it reads, which is a noteworthy point for a security audit.
Similar Servers
mcp-k8s
A Kubernetes MCP (Model Control Protocol) server that enables natural language interaction with Kubernetes clusters and Helm for resource and release management.
mcp-servers
Provides a curated collection of Model Context Protocol (MCP) server configurations to enable AI agents to interact with various developer tools and services.
mcp-servers
An MCP server providing create, read, update, and delete (CRUD) operations for cloud storage, specifically Google Cloud Storage, with capabilities for file listing and intelligent access control.
mkp
Allows LLM-powered applications to interact with and manage Kubernetes clusters through the Model Context Protocol (MCP).