juju-mcp
by nsklikas
Overview
Enables LLMs to interact with and manage Juju environments by exposing CLI commands as Model Context Protocol (MCP) tools.
Installation
uv run --directory juju-mcp-server python server.pySecurity Notes
The `exec_workload_command` tool, when not in read-only mode, allows arbitrary shell commands to be executed on workload containers via `kubectl exec -- /bin/sh -c {command}`. This poses a severe command injection risk, enabling remote code execution within the Juju environment. Additionally, `read_workload_file` constructs a Python script string with user-provided `file_path` and `container_name`, which could potentially be exploited through complex string injection if not adequately escaped by `juju ssh` or Pebble's API. The server also relies heavily on `juju` and `kubectl` binaries, operating with the privileges of the user running the server, making robust input sanitization crucial for all tool parameters. Running in `--read-only` mode mitigates some risks, but the fundamental `exec_workload_command` vulnerability exists if not enabled.
Similar Servers
mcp-k8s
Facilitates natural language interaction and automation for Kubernetes cluster management and Helm operations via the Model Control Protocol (MCP).
mcp-interviewer
A Python CLI tool to evaluate Model Context Protocol (MCP) servers for agentic use-cases, by inspecting capabilities, running functional tests, and providing LLM-as-a-judge evaluations.
1xn-vmcp
An open-source platform for composing, customizing, and extending multiple Model Context Protocol (MCP) servers into a single logical, virtual MCP server, enabling fine-grained context engineering for AI workflows and agents.
zeromcp
A minimal, pure Python Model Context Protocol (MCP) server for exposing tools, resources, and prompts via HTTP/SSE and Stdio transports.