prometheus-mcp
Verified Safeby brenoepics
Overview
A Model Context Protocol (MCP) server that enables AI agents and CLI users to query and discover metrics from Prometheus, with built-in features like retries, caching, and an optional metrics exporter.
Installation
docker run --rm -it brenoepics/prometheus-mcp:latest --mcp --prometheus-url http://host.docker.internal:9090Environment Variables
- PROMETHEUS_URL
- PROMETHEUS_TIMEOUT
- PROMETHEUS_RETRIES
- PROMETHEUS_RETRY_BACKOFF_MS
- PROMETHEUS_MIN_INTERVAL_MS
- PROMETHEUS_CACHE_TTL_SECS
- PROMETHEUS_USERNAME
- PROMETHEUS_PASSWORD
Security Notes
The project is written in Rust, providing strong memory safety. It uses standard HTTP client practices with `reqwest`, including basic authentication via environment variables or CLI flags (recommended over hardcoding). JSON-RPC parsing occurs from `stdin`, and outputs are written to `stdout` and a fixed log file path (`/tmp/mcp.jsonl`). There is no usage of `eval` or similar dangerous dynamic code execution patterns. Security risks are primarily related to misconfiguration (e.g., exposing the server publicly without additional authentication) or vulnerabilities in the Prometheus instance it connects to.
Similar Servers
mcpm.sh
MCPM is a command-line tool for managing Model Context Protocol (MCP) servers, enabling discovery, installation, execution, sharing, and integration with various MCP clients.
k8s-mcp-server
Interacting with Kubernetes clusters and Helm releases through a standardized Model Context Protocol (MCP) interface.
mcp-use-cli
An interactive command-line interface (CLI) tool for connecting to and interacting with Model Context Protocol (MCP) servers using natural language, acting as an AI client that orchestrates LLM responses with external tools.
mcp-compose
This server provides a robust example of OAuth2 authentication for MCP (Model Context Protocol) servers, using GitHub as the identity provider. It demonstrates secure multi-server management, protocol translation, and integration with AI agents for tool invocation.