backstage-mcp-server
Verified Safeby tim-minter
Overview
Provides tools to interact with a Backstage software catalog to list entities, get details, and view ancestry.
Installation
docker run -e BACKSTAGE_BEARER_TOKEN=your_token_here -e BACKSTAGE_API_BASE=https://backstage.example.com/API/catalog backstage-mcpEnvironment Variables
- BACKSTAGE_BEARER_TOKEN
- BACKSTAGE_API_BASE
Security Notes
The server correctly handles sensitive information (Backstage API bearer token) by loading it from environment variables or setting it at runtime. Network requests are made using the httpx library, and no dangerous functions like `eval` or direct shell execution are observed. The `BACKSTAGE_API_BASE` is configurable, preventing hardcoding. A potential risk could be if a malicious `BACKSTAGE_API_BASE` is configured, but this is an environment configuration issue rather than a code vulnerability.
Similar Servers
backlog-mcp-server
This MCP server integrates Backlog API with AI agents like Claude to manage projects, issues, and wikis, providing a conversational interface for project management tasks.
toolhive-registry-server
The central metadata hub for enterprise Model Context Protocol (MCP) server governance and discovery, implementing the official MCP Registry API specification.
mcp-compose
This server provides a robust example of OAuth2 authentication for MCP (Model Context Protocol) servers, using GitHub as the identity provider. It demonstrates secure multi-server management, protocol translation, and integration with AI agents for tool invocation.
mcp-maintainer-toolkit
This server provides a Model Context Protocol (MCP) interface with various tools and resources designed to assist in maintaining, testing, and developing MCP repositories and clients.