cml-mcp
Verified Safeby xorrkaz
Overview
Enables AI assistants to interact with and automate Cisco Modeling Labs (CML) network lab operations using natural language.
Installation
docker run -d --rm --name cml-mcp -p 9000:9000 -e CML_URL=https://your-cml-server.example.com -e CML_MCP_TRANSPORT=http xorrkaz/cml-mcp:latestEnvironment Variables
- CML_URL
- CML_USERNAME
- CML_PASSWORD
- CML_VERIFY_SSL
- DEBUG
- PYATS_USERNAME
- PYATS_PASSWORD
- PYATS_AUTH_PASS
- CML_MCP_TRANSPORT
- CML_MCP_BIND
- CML_MCP_PORT
- CML_ALLOWED_URLS
- CML_URL_PATTERN
- CML_MCP_ACL_FILE
Security Notes
The `send_cli_command` tool allows direct execution of CLI commands on running CML nodes. This poses a significant risk for command injection on target network devices if the AI is unconstrained or if the commands are not properly sanitized. The server's HTTP transport mode supports client-provided CML server URLs, but attempts to validate them against `CML_ALLOWED_URLS` or `CML_URL_PATTERN` to prevent SSRF. Credentials for CML and PyATS are handled via environment variables (for stdio mode) or HTTP headers (for HTTP mode), and the ACL feature in HTTP mode allows for granular control over tool access.
Similar Servers
fastmcp
FastMCP is an ergonomic interface for the Model Context Protocol (MCP), providing a comprehensive framework for building and interacting with AI agents, tools, resources, and prompts across various transports and authentication methods.
mcp-scanner
Scans Model Context Protocol (MCP) servers, tools, prompts, and resources for security vulnerabilities, employing static analysis, YARA rules, Cisco AI Defense API, and LLM-based behavioral analysis.
mcp-interviewer
A Python CLI tool to evaluate Model Context Protocol (MCP) servers for agentic use-cases, by inspecting capabilities, running functional tests, and providing LLM-as-a-judge evaluations.
zeromcp
A minimal, pure Python Model Context Protocol (MCP) server for exposing tools, resources, and prompts via HTTP/SSE and Stdio transports.