stackrox-mcp
Verified Safe · by stackrox
Overview
Provides AI assistants with programmatic access to StackRox for security and vulnerability insights via the Model Context Protocol (MCP).
Installation
docker run -p 8080:8080 --env STACKROX_MCP__CENTRAL__URL=central.stackrox:443 --env STACKROX_MCP__TOOLS__CONFIG_MANAGER__ENABLED=true quay.io/stackrox-io/mcp:latest
Environment Variables
- STACKROX_MCP__CENTRAL__URL
- STACKROX_MCP__CENTRAL__AUTH_TYPE
- STACKROX_MCP__CENTRAL__API_TOKEN
- STACKROX_MCP__TOOLS__VULNERABILITY__ENABLED
- STACKROX_MCP__TOOLS__CONFIG_MANAGER__ENABLED
- LOG_LEVEL
Security Notes
The server's security posture is solid, particularly in the Kubernetes deployment via its Helm chart, which enforces `runAsNonRoot: true`, `readOnlyRootFilesystem: true`, `allowPrivilegeEscalation: false`, and drops all capabilities by default. Sensitive configuration values such as `central.api_token` are redacted in logs, and tool parameters are validated on input. The main operator-configurable risk is the `insecure_skip_tls_verify` option for the connection to StackRox Central, which the project marks as for testing only: with it enabled the server accepts any certificate from whatever answers at the Central URL, so it should not be set outside a test environment. Note also that the docker run example above sets the Central URL but no credentials; STACKROX_MCP__CENTRAL__AUTH_TYPE and STACKROX_MCP__CENTRAL__API_TOKEN have to be supplied through the environment, and the token is better passed via an env file than embedded in a command line where it lands in shell history and process listings.
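The following wrapper is an added example for the Installation and Security Notes above; it is not code from the stackrox-mcp project. It validates the STACKROX_MCP__* environment before starting the container, refuses the insecure TLS option unless the operator opts in explicitly, passes the token through a permission-checked env file instead of the command line, and applies docker flags that mirror the Helm chart settings listed in the Security Notes (read-only root filesystem, all capabilities dropped, no privilege escalation). Two names are assumptions, not documented on this page: STACKROX_MCP__CENTRAL__INSECURE_SKIP_TLS_VERIFY as the environment form of `insecure_skip_tls_verify` (following the double-underscore nesting the listed variables use), and STACKROX_MCP_ALLOW_INSECURE_TLS, which is this script's own opt-in switch.

```shell
#!/bin/sh
# Added example, not part of the stackrox-mcp project: preflight checks and a
# hardened `docker run` for the MCP server.
#
# Hypothetical names (not documented on the page):
#  - STACKROX_MCP__CENTRAL__INSECURE_SKIP_TLS_VERIFY: assumed env-var form of the
#    documented insecure_skip_tls_verify option (double-underscore nesting).
#  - STACKROX_MCP_ALLOW_INSECURE_TLS: this wrapper's own opt-in for test setups.

# Returns 0 when the environment is acceptable, 1 otherwise. Every problem is
# reported on stderr so the operator sees all of them in one run.
stackrox_mcp_preflight() {
    rc=0
    if [ -z "${STACKROX_MCP__CENTRAL__URL:-}" ]; then
        echo "preflight: STACKROX_MCP__CENTRAL__URL is required (host:port of Central)" >&2
        rc=1
    fi
    # An empty token is a configuration error; catch it here rather than at the
    # first tool call made by the AI assistant.
    if [ -z "${STACKROX_MCP__CENTRAL__API_TOKEN:-}" ]; then
        echo "preflight: STACKROX_MCP__CENTRAL__API_TOKEN is empty" >&2
        rc=1
    fi
    # insecure_skip_tls_verify is documented as "for testing only": block it
    # unless the operator has set the wrapper's explicit opt-in switch.
    if [ "${STACKROX_MCP__CENTRAL__INSECURE_SKIP_TLS_VERIFY:-false}" = "true" ] \
       && [ "${STACKROX_MCP_ALLOW_INSECURE_TLS:-0}" != "1" ]; then
        echo "preflight: TLS verification to Central is disabled; set STACKROX_MCP_ALLOW_INSECURE_TLS=1 only in a test environment" >&2
        rc=1
    fi
    return "$rc"
}

# Returns 0 if the env file exists and is readable only by its owner, 1 otherwise.
# `find -perm -g+r` / `-perm -o+r` print the path when the group or other read
# bit is set, so a non-empty result means the file is too open.
stackrox_mcp_check_env_file() {
    f="$1"
    if [ ! -f "$f" ]; then
        echo "preflight: env file $f not found" >&2
        return 1
    fi
    if [ -n "$(find "$f" \( -perm -g+r -o -perm -o+r \) 2>/dev/null)" ]; then
        echo "preflight: $f is readable by group or others; chmod 600 it" >&2
        return 1
    fi
    return 0
}

# Starts the container once both checks pass. The env file holds plain
# KEY=VALUE lines (what --env-file accepts, and what `.` can source), so the
# token never appears on the command line. The docker flags reproduce the
# Helm chart's securityContext: read-only root filesystem, all capabilities
# dropped, no privilege escalation. The port is bound to loopback so only
# local MCP clients can reach the server.
stackrox_mcp_start() {
    env_file="$1"
    stackrox_mcp_check_env_file "$env_file" || return 1
    set -a; . "$env_file"; set +a
    stackrox_mcp_preflight || return 1
    exec docker run --rm -p 127.0.0.1:8080:8080 --env-file "$env_file" \
        --read-only --tmpfs /tmp --cap-drop ALL \
        --security-opt no-new-privileges \
        quay.io/stackrox-io/mcp:latest
}
```

Usage: write the STACKROX_MCP__* variables to a file, `chmod 600` it, and call `stackrox_mcp_start /path/to/mcp.env`. The `--tmpfs /tmp` mount is a precaution for scratch writes under `--read-only`; drop it if the image is known not to need it.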
Similar Servers
hyper-mcp
A fast, secure Model Context Protocol (MCP) server that extends its capabilities through WebAssembly plugins, enabling AI agents to access tools, resources, and prompts.
toolhive-studio
ToolHive is a desktop application (Electron UI) for discovering, deploying, and managing Model Context Protocol (MCP) servers in isolated containers, and connecting them to AI agents and clients.
compound-mcp-server
Provides a Model Context Protocol (MCP) server for interacting with Groq models, including compound/meta models, exposing tools for real-time information and code execution capabilities provided by Groq.
suse-ai-up
A comprehensive, modular Model Context Protocol (MCP) proxy system that enables secure, scalable, and extensible AI model integrations.