Model Context Protocol high risk

Qgis

QGISMCP connects Claude AI to QGIS, enabling AI-assisted project creation, layer manipulation, and code execution within the QGIS environment.

Connections & Capabilities

Connects To

GitHubFilesystem

Capabilities

readwriteexecadmin

Quickstart

Install

brew install uv

Config

{
    "mcpServers": {
        "qgis": {
            "command": "uv",
            "args": [
                "--directory",
                "/ABSOLUTE/PATH/TO/PARENT/REPO/FOLDER/qgis_mcp/src/qgis_mcp",
                "run",
                "qgis_mcp_server.py"
            ]
        }

    }
}

Exposed MCP Tools (15)

safe

ping

Checks the connectivity between Claude and the QGIS MCP server.

Read-only command with no side effects.

safe

get_qgis_info

Retrieves information about the current QGIS installation.

Read-only command that retrieves system information.

moderate

load_project

Loads a QGIS project from a specified file path.

Potentially loads malicious project files.

moderate

create_new_project

Creates a new QGIS project and saves it to a specified path.

Can overwrite existing files.

safe

get_project_info

Retrieves information about the current QGIS project.

Read-only command that retrieves project metadata.

moderate

add_vector_layer

Adds a vector layer to the current QGIS project.

Potentially loads malicious vector data.

moderate

add_raster_layer

Adds a raster layer to the current QGIS project.

Potentially loads malicious raster data.

safe

get_layers

Retrieves a list of all layers in the current QGIS project.

Read-only command that lists layers.

high

remove_layer

Removes a layer from the QGIS project by its ID.

Deletes a layer from the project.

safe

zoom_to_layer

Zooms the map view to the extent of a specified layer.

Read-only command that changes the map view.

safe

get_layer_features

Retrieves features from a vector layer, with an optional limit.

Read-only command that retrieves feature data.

moderate

execute_processing

Executes a QGIS processing algorithm with given parameters.

May modify data or create new files.

moderate

save_project

Saves the current QGIS project to a specified file path.

Can overwrite existing project files.

moderate

render_map

Renders the current map view to an image file.

Writes an image file to disk.

critical

execute_code

Executes arbitrary PyQGIS code provided as a string.

Allows unrestricted code execution within QGIS.

Safety Assessment

QGISMCP offers powerful integration between Claude AI and QGIS, but the ability to execute arbitrary Python code introduces substantial security risks. It is safe to use only with trusted code and a thorough understanding of the potential consequences. Exercise extreme caution when executing code from untrusted sources.

Requires local execution, limiting external exposure.
User must manually configure Claude Desktop to enable the integration.
Clear separation of concerns between the QGIS plugin and the MCP server.

Allows arbitrary Python code execution within QGIS, posing a significant risk.
No built-in sandboxing for code execution.
Relies on user vigilance to avoid executing malicious code.
Potential for unauthorized data access or modification if exploited.