cloud-run-mcp

MCP server to deploy apps to Cloud Run

→ GoogleCloudPlatform/cloud-run-mcp · listed on github_topic

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

github_topic

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

⚠️

Known vulnerabilities in dependencies: 2 high

Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.

✅

No credential exfiltration, no sensitive file access, no obfuscation

Static analysis found nothing flowing your secrets to unexpected places.

✅

Open source with a license and README

Anyone can audit the code, the license is declared, and the publisher documents what it does.

🔐

You'll be asked for 1 credential: GOOGLE_OAUTH_CLIENT_SECRET

These are read from process.env at runtime. Make sure you trust where they’ll be sent.

// required environment variables

This server reads these from process.env. You'll be asked to provide them before it can run.

configALLOWED_HOSTS— Comma-separated list of allowed Host headers (if host validation is enabled). The default value is localhost,127.0.0.1,::1.

configDEFAULT_SERVICE_NAME— deploy: Deploys the current working directory to Cloud Run. If a service name is not provided, it will use the environment variable, or the name of the current working directory.

configENABLE_HOST_VALIDATION— Prevents [DNS Rebinding](https://en.wikipedia.org/wiki/DNS_rebinding) attacks by validating the Host header. This is disabled by default.

configGCP_PARENT

configGCP_STDIO

configGOOGLE_CLOUD_PROJECT— The default project ID to use for Cloud Run services.

configGOOGLE_CLOUD_REGION— The default region to use for Cloud Run services.

configGOOGLE_OAUTH_AUDIENCE

configGOOGLE_OAUTH_CLIENT_ID

🔐 secretGOOGLE_OAUTH_CLIENT_SECRET

configGOOGLE_OAUTH_REDIRECT_URI

configOAUTH_AUTHORIZATION_ENDPOINT

configOAUTH_AUTHORIZATION_SERVER

configOAUTH_ENABLED

configOAUTH_PROTECTED_RESOURCE

configOAUTH_TOKEN_ENDPOINT

configPORT

configRUN_INGRESS_POLICY

configSKIP_IAM_CHECK— Controls whether to check for IAM permissions for a Cloud Run service. Set to false to enable checks. This is true by default which is a recommended way to make the service public.

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 3 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/googlecloudplatform-cloud-run-mcp-ua00sa)](https://m8ven.ai/mcp/googlecloudplatform-cloud-run-mcp-ua00sa)

commit: 157658f41daa7def70afb4dfebfab5339a73c5bf

code hash: 63c952018b6216218654dd009a044dc3cd33f9e8be42debb5f6cd81ac21a6699

verified: 6/4/2026, 11:44:17 AM

view raw JSON →