fleet-mcp
Verified Safeby SimplyMinimal
Overview
Provides a Model Context Protocol (MCP) interface for AI agents to interact with Fleet DM, enabling automated device management, security monitoring, policy enforcement, and osquery execution across a fleet of computers.
Installation
fleet-mcp runEnvironment Variables
- FLEET_SERVER_URL
- FLEET_API_TOKEN
- FLEET_VERIFY_SSL
- FLEET_TIMEOUT
- FLEET_MAX_RETRIES
- FLEET_USER_AGENT
- FLEET_READONLY
- FLEET_ALLOW_SELECT_QUERIES
- FLEET_USE_ASYNC_QUERY_MODE
- FLEET_ASYNC_QUERY_STORAGE_DIR
- FLEET_ASYNC_QUERY_RETENTION_HOURS
Security Notes
The server itself employs good security practices, including explicit read-only modes, SELECT-only query validation in read-only mode, careful handling of secrets, and explicit disabling of dangerous operations (e.g., wipe device, delete user). The primary security concern stems from the power of the underlying Fleet DM API: if the configured API token is compromised, an attacker could leverage the MCP server to perform actions on managed devices or extract sensitive data, even with internal validations. Proper API token management and secure deployment environment are crucial. Script execution and arbitrary query capabilities, while core to Fleet DM, represent significant power that must be guarded.
Similar Servers
opentelemetry-mcp-server
Enables AI assistants to query and analyze OpenTelemetry traces from LLM applications for debugging, performance, and cost optimization.
awesome-oceanbase-mcp
The `awesome-oceanbase-mcp` project provides a collection of Model Context Protocol (MCP) servers designed to enable AI assistants to interact directly with OceanBase databases and its ecosystem components.
mcp-server
The server enables AI assistants to inspect, query, and diagnose problems within an Octopus Deploy instance by exposing its API as MCP tools.
dependency-management-mcp-server
Connects AI assistants to Sonatype's dependency management and security intelligence platform for real-time insights into open source security, license compliance, and dependency health within the development workflow.