apiiro-mongo-mcp
by arielolin
Overview
This MCP server allows users to query and manage MongoDB deployments running in Kubernetes, handling gcloud authentication, permission escalation, and Kubernetes context/namespace selection.
Installation
npm startSecurity Notes
The server uses `child_process.exec` to run `kubectl` and `gcloud` commands. It constructs shell commands by interpolating user-provided values for Kubernetes context, namespace, MongoDB credentials (`mongoAuth`), and MongoDB queries (`query`/`expression`). Although there's an attempt to escape double quotes and dollar signs in the MongoDB query, this is insufficient for comprehensive shell injection prevention. Specifically, user-provided `context` and `namespace` are not escaped when used in `kubectl` commands, and user-provided `mongoAuth` (username/password) are interpolated into `mongosh` command-line arguments using simple double quotes, which are vulnerable if the credentials themselves contain malicious characters (e.g., `"$(evil_command)"`). This allows for potential arbitrary command execution on the host where the MCP server runs, or within the target MongoDB pod.
Similar Servers
mcp-server-kubernetes
This MCP server enables AI agents to connect to and manage Kubernetes clusters by executing kubectl and Helm commands.
mongodb-mcp-server
Provides a robust AI agent interface for interacting with MongoDB databases and MongoDB Atlas cloud services, enabling tool-calling for data management, monitoring, and search operations.
mcp-k8s-go
This MCP server enables interaction with Kubernetes clusters to list, get, apply, and execute commands on various resources through a conversational interface.
mcp-k8s
Facilitates natural language interaction and automation for Kubernetes cluster management and Helm operations via the Model Control Protocol (MCP).