mcp-bugzilla
Verified Safeby openSUSE
Overview
This MCP server enables AI models and other MCP clients to interact with Bugzilla instances, allowing them to query bug information, manage comments, and leverage quicksearch capabilities.
Installation
docker run -p 8000:8000 -e BUGZILLA_SERVER=https://bugzilla.example.com kskarthik/mcp-bugzilla --bugzilla-server https://bugzilla.example.com --host 0.0.0.0 --port 8000Environment Variables
- BUGZILLA_SERVER
- MCP_HOST
- MCP_PORT
- MCP_API_KEY_HEADER
- LOG_LEVEL
Security Notes
The primary security risk identified is that the internal `Bugzilla` client, which communicates with the Bugzilla server, includes the Bugzilla API key as a URL query parameter (`?api_key=...`) in every request. This is less secure than sending it in an HTTP header, as URLs are more prone to being logged, cached, and exposed in server access logs or network monitoring. Additionally, at `DEBUG` log level, sensitive information like full bug details and comment payloads are logged, which could expose private data if not handled carefully.
Similar Servers
tmcp
A server implementation for the Model Context Protocol (MCP) to enable LLMs to access external context and tools.
backlog-mcp-server
This MCP server integrates Backlog API with AI agents like Claude to manage projects, issues, and wikis, providing a conversational interface for project management tasks.
gitlab-api
This project provides a Python wrapper for GitLab, serving as an MCP (Model Context Protocol) server to expose GitLab APIs as tools for LLMs, and an A2A (Agent-to-Agent) multi-agent system for delegated GitLab task management with a knowledge graph.
mcp-bugzilla
Provides a Model Context Protocol (MCP) server for AI models and other MCP clients to interact with Bugzilla instances for querying bug information, managing comments, and performing searches.