Model Context Protocol moderate risk

Metoro

Metoro MCP Server exposes Kubernetes observability data from the Metoro platform to LLMs, enabling AI-driven insights into cluster performance and health.

Connections & Capabilities

Connects To

GitHubKubernetes

Capabilities

read

Quickstart

Install

brew install go

Config

{
  "mcpServers": {
    "metoro-mcp-server": {
      "command": "<your path to Metoro MCP server go executable>/metoro-mcp-server",
      "args": [],
      "env": {
          "METORO_AUTH_TOKEN" : "<your auth token>",
          "METORO_API_URL": "https://us-east.metoro.io"
       }
    }
  }
}

Exposed MCP Tools (4)

safe

get_metrics

Retrieves performance metrics for Kubernetes resources.

Read-only operation; retrieves existing data.

safe

list_pods

Lists the pods running in a Kubernetes cluster.

Read-only operation; lists existing resources.

safe

get_services

Retrieves information about services in the Kubernetes cluster.

Read-only operation; retrieves existing data.

safe

get_deployments

Retrieves information about deployments in the Kubernetes cluster.

Read-only operation; retrieves existing data.

Safety Assessment

The Metoro MCP Server is relatively safe for read-only access to cluster data. However, the risk of information disclosure and prompt injection should be carefully considered, especially in sensitive environments. Ensure the Metoro auth token is securely managed.

Read-only access to Kubernetes observability data.
Relies on Metoro's RBAC for authorization.
No direct modification of Kubernetes resources.
Uses an API token for authentication.

Potential for information disclosure if the API token is compromised.
Exposure of internal cluster data to external LLMs.
Dependence on the security of the Metoro platform.
No input validation or sanitization mentioned, increasing risk of prompt injection.