Model Context Protocol moderate risk

Quarkus MCP Servers

A collection of Quarkus-based Model Context Protocol servers offering diverse capabilities, including database interaction, JVM introspection, file system access, and container management.

Connections & Capabilities

Connects To

GitHubPostgreSQLMySQLSQLiteDockerKubernetesFilesystem

Capabilities

readwriteexecadmin

Quickstart

Install

npx @jbangdev/jbang

Exposed MCP Tools (7)

high

jdbc

Stores and retrieves data from a database using a JDBC URL.

Can perform arbitrary database operations, including data modification and deletion, depending on the provided JDBC URL and credentials.

safe

jvminsight

Inspects a running JVM process.

Primarily read-only, providing insights into JVM internals without modifying state.

moderate

filesystem

Serves files from a file system.

Exposure of files can lead to information disclosure; write access depends on file system permissions.

moderate

jfx

Exposes a canvas for drawing using JavaFX.

Potential for code execution if the JavaFX canvas is used to render untrusted content.

critical

kubernetes

Interacts with a Kubernetes cluster.

Can perform any action allowed by the configured Kubernetes credentials, including deploying, modifying, and deleting resources.

high

containers

Works with Docker/Podman/OCI compatible container engines.

Can manage containers, potentially leading to resource exhaustion or security breaches if not properly controlled.

safe

wolfram

Performs web search optimized for use by a large language model through the Wolfram Alpha LLM API.

Limited to web search via the Wolfram Alpha API; no direct access to system resources.

Safety Assessment

The safety of these servers varies greatly depending on the specific server being used. Read-only servers like `jvminsight` pose minimal risk. Servers that interact with infrastructure, like `kubernetes` or `containers`, require careful configuration and monitoring to prevent unintended consequences. Ensure proper access controls are in place to mitigate risks.

Individual servers can be assessed and deployed based on their specific risk profiles.
The framework provides a foundation for building secure MCP servers.
Clear documentation is provided for each server, aiding in understanding its functionality and potential risks.
Several servers are read-only, limiting potential damage.

Some servers, like `kubernetes` and `containers`, can perform potentially destructive actions.
Lack of centralized authentication and authorization across all servers.
Reliance on underlying system security (e.g., file system permissions, database access controls).
Potential for information disclosure if not configured correctly.