Model Context Protocol moderate risk

Kom

Kom is a Kubernetes operations manager offering multi-cluster support, MCP integration, and extensive tooling for managing K8s resources, with both stdio and SSE modes.

Connections & Capabilities

Connects To

GitHubDockerKubernetesAWS

Capabilities

readwriteexecadmin

Quickstart

Config

{
  "mcpServers": {
    "kom": {
      "type": "sse",
      "url": "http://IP:9096/sse"
    }
  }
}

Exposed MCP Tools (9)

safe

list_k8s_clusters

Lists all registered Kubernetes clusters.

Read-only operation, no side effects.

moderate

restart_k8s_daemonset

Restarts a Kubernetes DaemonSet.

Restarts a DaemonSet, causing temporary disruption.

moderate

scale_k8s_deployment

Scales a Kubernetes Deployment by setting the replica count.

Modifies the number of replicas, potentially impacting application availability.

safe

get_k8s_resource

Retrieves details of a Kubernetes resource.

Read-only operation, no side effects.

critical

delete_k8s_resource

Deletes a Kubernetes resource.

Deletes a resource, causing permanent data loss or service disruption.

critical

run_command_in_k8s_pod

Executes a command inside a Kubernetes Pod.

Allows arbitrary command execution within a pod, potentially compromising the container.

critical

delete_pod_file

Deletes a file within a Kubernetes Pod.

Deletes files within a pod, potentially disrupting the application.

high

taint_k8s_node

Adds a taint to a Kubernetes node.

Modifies node scheduling behavior, potentially impacting workload distribution.

high

apply_k8s_yaml

Creates or updates Kubernetes resources using a YAML file.

Applies changes defined in a YAML file, potentially modifying cluster state.

Safety Assessment

Kom provides a wide array of Kubernetes management tools, but its safety varies greatly depending on the specific tool used. Read-only operations are generally safe, while tools that modify or delete resources, or execute commands in pods, pose a higher risk. Proper RBAC and network security are crucial when exposing Kom via MCP.

Supports multiple Kubernetes clusters, allowing for isolation.
Offers both stdio and SSE modes, providing flexibility in integration.
Includes a wide range of tools, some of which are read-only.
Supports callbacks for extending business logic without tight coupling to K8s operations.

Includes tools that can delete resources and execute commands in pods.
MCP integration exposes the server to potential remote exploitation if not secured.
Requires careful configuration of KUBECONFIG environment variable.
Some tools allow modification of node configurations (taints, cordoning), which can impact cluster stability.
Lack of sandboxing for file operations inside pods.