74
/ 100
18 days ago
glama

mcp-perforce-server

MCP server for Perforce version control with safe defaults, structured JSON responses, and 59 tools for repository inspection, file operations, changelists, reviews, and more.

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
⚠️
Known vulnerabilities in dependencies: 1 high
Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
Open source with a license and README
Anyone can audit the code, the license is declared, and the publisher documents what it does.
🔐
You'll be asked for 1 credential: MCP_SSE_AUTH_TOKEN
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// known CVEs in dependencies1 high

Disclosed vulnerabilities in this server's declared npm dependencies (via OSV). Whether each is reachable depends on the installed versions.

high@modelcontextprotocol/sdk@1.25.3GHSA-345p-7cg4-v4c7

@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse

Depend on this server? Get alerted when its CVEs change.Watch this server free →
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
configLOG_LEVELwarn Server log level.
🔐 secretMCP_SSE_AUTH_TOKEN_(empty)_ Bearer token for auth
configMCP_SSE_CORS_ORIGINCORS allowed origins
configMCP_SSE_ENABLE_AUTHMCP_SSE_PORT=8080 =true mcp-perforce-server --transport=sse
configMCP_SSE_HOST0.0.0.0 Server bind address
configMCP_SSE_PATH/mcp SSE endpoint path
configMCP_SSE_PORT8080 MCP_SSE_ENABLE_AUTH=true mcp-perforce-server --transport=sse
configMCP_TRANSPORT
configP4CONFIG.p4config Config file name used during upward discovery.
configP4_AUDIT_RETENTION_DAYS
configP4_CONFIG_CACHE_TTL
configP4_DISABLE_DELETE"": "true"
configP4_ENABLE_AUDIT_LOGGING
configP4_ENABLE_INPUT_SANITIZATION
configP4_ENABLE_MEMORY_LIMITS
configP4_ENABLE_RATE_LIMITING
configP4_LOG_PERF_METRICS
configP4_MAX_MEMORY_MB
configP4_NEGATIVE_CACHE
configP4_PATHp4 / p4.exe Custom path to the Perforce CLI.
configP4_PERFORMANCE_MODEfast Preset: fast, balanced, secure.
configP4_PRETTY_JSON
configP4_RATE_LIMIT_BLOCK_MS
configP4_RATE_LIMIT_REQUESTS
configP4_RATE_LIMIT_WINDOW_MS
configP4_READONLY_MODE"": "true",
configP4_RESPONSE_CACHEtrue Enable read-response caching.
configP4_RESPONSE_CACHE_TTL_MAPunset Per-tool cache TTL overrides.
configP4_TIMEOUT_MS
configP4_WORKFLOW_CONCURRENCY6 Max concurrent subcalls for composite tools.
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 2 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/iprabhu-mcp-perforce-server-5puqgt)](https://m8ven.ai/mcp/iprabhu-mcp-perforce-server-5puqgt)
commit: c1522c270fe42647866a0a9f4cfaf86dd3f96e48
code hash: 21561082d5f6727955e2321be892dc659e081e4e19b503de29ef446780039503
verified: 6/21/2026, 10:26:11 AM
view raw JSON →