kernel-mcp-server
Verified Safeby onkernel
Overview
Provides AI assistants with secure access to Kernel platform tools for browser automation, app deployment, and monitoring.
Installation
bun run startEnvironment Variables
- KERNEL_CLI_PROD_CLIENT_ID
- KERNEL_CLI_STAGING_CLIENT_ID
- KERNEL_CLI_DEV_CLIENT_ID
- REDIS_URL
- CLERK_SECRET_KEY
- NEXT_PUBLIC_CLERK_DOMAIN
- MINTLIFY_ASSISTANT_API_TOKEN
- MINTLIFY_DOMAIN
- API_BASE_URL
Security Notes
The server implements OAuth 2.0 authentication via Clerk, using environment variables for all sensitive keys (Clerk secret, Redis URL, API tokens). JWTs and refresh tokens are hashed before storage in Redis, with proper TTL management. Route protection is enforced via Clerk middleware. The 'execute_playwright_code' tool allows AI agents to submit arbitrary Playwright/TypeScript code, which is then executed remotely on the Kernel platform in a sandboxed environment, not on the MCP server itself. While this is a powerful feature, the risk is shifted to the robustness of Kernel's remote sandboxing rather than a direct vulnerability within this server's codebase. No 'eval' or direct obfuscation found. Network communications with external services are standard. The use of plain API keys (if not JWT-formatted) is less robust than JWTs but relies on TLS.
Similar Servers
ls-mcp
Command-line tool for discovering, analyzing, and reporting on Model Context Protocol (MCP) server configurations in a local development environment.
company-docs-mcp
Transforms organizational documentation into an AI-powered knowledge base for semantic search, Q&A via chat interface, Claude Desktop, and Slack integration.
karma
A modern, dark-themed chat interface demonstrating the Karma Memory system for AI agents, enabling context-aware conversations and dynamic switching of memory retrieval and caching strategies.
fastmcp
Build fast, declarative, and type-safe servers implementing the Model Context Protocol (MCP) in Dart.