mcp-cloudron
Verified Safeby serenichron
Overview
MCP server for Cloudron instance management, enabling AI assistants to list apps, get status, manage resources, and perform validated operations on self-hosted applications.
Installation
npx @serenichron/mcp-cloudronEnvironment Variables
- CLOUDRON_BASE_URL
- CLOUDRON_API_TOKEN
Security Notes
The server follows strong security practices. It requires `CLOUDRON_BASE_URL` and `CLOUDRON_API_TOKEN` to be set via environment variables, preventing hardcoded credentials. All API calls use bearer token authentication over HTTPS. Crucially, it implements pre-flight validation (F37, F36, F23a) for destructive operations (e.g., uninstall app, create backup, install app, restore backup) and storage checks, adding a critical layer of safety. Input validation is performed for all tool parameters (e.g., email/password strength, app IDs, roles). No `eval` or other dangerous dynamic code execution patterns were found. Error messages are designed to avoid leaking sensitive internal details. The primary security risk lies in the permissions granted to the `CLOUDRON_API_TOKEN` itself; it should be configured with the minimum necessary 'Read and Write' scope as emphasized in the `REAL_API_TEST_RESULTS.md`.
Similar Servers
ha-mcp
Provides AI agents with complete control over Home Assistant via REST and WebSocket APIs, offering a comprehensive suite of tools for smart home management, automation, and debugging.
mcp-k8s
Facilitates natural language interaction and automation for Kubernetes cluster management and Helm operations via the Model Control Protocol (MCP).
toolhive-studio
ToolHive is a desktop application (Electron UI) for discovering, deploying, and managing Model Context Protocol (MCP) servers in isolated containers, and connecting them to AI agents and clients.
suse-ai-up
A comprehensive, modular Model Context Protocol (MCP) proxy system that enables secure, scalable, and extensible AI model integrations.