Model Context Protocol high risk

RabbitMQ

RabbitMQ management API offers extensive control over message queues, exchanges, and users, but lacks sandboxing and requires careful access control to prevent misuse.

Connections & Capabilities

Connects To

GitHub

Capabilities

readwriteexecadmin

Quickstart

Install

npx -y

Config

{
    "mcpServers": {
      "rabbitmq": {
        "command": "uvx",
        "args": [
            "mcp-server-rabbitmq@latest",
            "--rabbitmq-host",
            "<hostname ex. test.rabbit.com, localhost>",
            "--port",
            "<port number ex. 5672>",
            "--username",
            "<rabbitmq username>",
            "--password",
            "<rabbitmq password>",
            "--use-tls",
            "<true if uses amqps, false otherwise>"
        ]
      }
    }
}

Exposed MCP Tools (4)

safe

list_queues

Lists all queues in the RabbitMQ broker.

Read-only operation, no side effects.

moderate

create_exchange

Creates a new exchange in the RabbitMQ broker.

Creates a new resource, but doesn't immediately impact existing operations.

critical

delete_queue

Deletes a queue from the RabbitMQ broker.

Destructive operation, can lead to data loss.

high

set_permissions

Sets permissions for a user on a virtual host.

Modifies access control, potentially granting unintended privileges.

Safety Assessment

The RabbitMQ management API provides powerful administrative capabilities but poses significant risks if not properly secured. It's safe when access is strictly controlled using RBAC and TLS is enabled. It's risky when default credentials are used, RBAC is overly permissive, or the API is exposed to untrusted networks.

Role-Based Access Control (RBAC) allows for granular permission management.
Authentication is required for API access.
Auditing capabilities can track API usage.
TLS encryption protects data in transit.

Unrestricted API access can lead to data loss or service disruption.
No built-in sandboxing or resource limits.
Direct access to message queues and exchanges.
Potential for privilege escalation if RBAC is misconfigured.
Secrets (e.g., passwords) are accessible via the API.