/ 100

9 days ago

npm

mcp-server-kubernetes

MCP server for interacting with Kubernetes clusters via kubectl

→ Flux159/mcp-server-kubernetes· npm: mcp-server-kubernetes· listed on npm

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

npm mcp.so

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

🚨

Known vulnerabilities in dependencies: 1 critical

Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.

🔐

You'll be asked for 2 credentials: K8S_TOKEN, MCP_AUTH_TOKEN

These are read from process.env at runtime. Make sure you trust where they’ll be sent.

// required environment variables

This server reads these from process.env. You'll be asked to provide them before it can run.

configALLOWED_TOOLS— "kubectl_get,kubectl_describe" npx mcp-server-kubernetes

configALLOW_KUBECTL_UNSAFE_FLAGS

configALLOW_ONLY_NON_DESTRUCTIVE_TOOLS— true npx mcp-server-kubernetes

configALLOW_ONLY_READONLY_TOOLS— true npx mcp-server-kubernetes

configDNS_REBINDING_ALLOWED_HOST— mcp.example.com ENABLE_UNSAFE_STREAMABLE_HTTP_TRANSPORT=1 PORT=3001 HOST=0.0.0.0 npx flux159/mcp-server-kubernetes

configDNS_REBINDING_PROTECTION— false ENABLE_UNSAFE_STREAMABLE_HTTP_TRANSPORT=1 PORT=3001 HOST=0.0.0.0 npx flux159/mcp-server-kubernetes

configENABLE_TELEMETRY

configENABLE_UNSAFE_SSE_TRANSPORT— To enable [SSE transport](https://modelcontextprotocol.io/docs/concepts/transports#server-sent-events-sse) for mcp-server-kubernetes, use the environment variable.

configENABLE_UNSAFE_STREAMABLE_HTTP_TRANSPORT— To enable [Streamable HTTP transport](https://modelcontextprotocol.io/specification/2025-06-18/basic/transports#streamable-http) for mcp-server-kubernetes, use the environment variable.

configHOST— ENABLE_UNSAFE_STREAMABLE_HTTP_TRANSPORT=1 PORT=3001 =0.0.0.0 npx flux159/mcp-server-kubernetes

configK8S_CA_DATA— export ='LS0tLS1CRUdJTi...' # optional, base64-encoded CA certificate

configK8S_CONTEXT— export ='my-specific-context' # Override kubeconfig context

configK8S_NAMESPACE— export ='my-namespace' # Override default namespace

configK8S_SERVER— 3. + K8S_TOKEN – Minimal env-based config

configK8S_SKIP_TLS_VERIFY— export ='false' # optional, defaults to false

🔐 secretK8S_TOKEN— 3. K8S_SERVER + – Minimal env-based config

configKUBECONFIG— 6. – Standard kubeconfig env var

configKUBECONFIG_JSON— 2. – Full config as JSON string

configKUBECONFIG_PATH— 5. – Custom kubeconfig file path

configKUBECONFIG_YAML— 1. – Full config as YAML string

configMASK_SECRETS— false npx mcp-server-kubernetes

🔐 secretMCP_AUTH_TOKEN— my-secret-token ENABLE_UNSAFE_STREAMABLE_HTTP_TRANSPORT=1 npx mcp-server-kubernetes

configOTEL_CAPTURE_RESPONSE_METADATA

configOTEL_EXPORTER_OTLP_ENDPOINT

configOTEL_RESOURCE_ATTRIBUTES

configOTEL_SERVICE_NAME

configOTEL_SERVICE_VERSION

configOTEL_TRACES_SAMPLER

configOTEL_TRACES_SAMPLER_ARG

configPORT— ENABLE_UNSAFE_STREAMABLE_HTTP_TRANSPORT=1 =3001 HOST=0.0.0.0 npx flux159/mcp-server-kubernetes

configSPAWN_MAX_BUFFER— "": "5242880" // 5MB = 102410245. Default is 1MB in Node.js

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 1 concrete improvement we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/mcp-server-kubernetes-05n7al)](https://m8ven.ai/mcp/mcp-server-kubernetes-05n7al)

commit: 04a4bbb8dd68e4d2897b467ba23dfa61048410d7

code hash: 4acac34aa8b55d749e097ddd33add7d4ce0524e9c6dc43a1e2fe9b48eafdd5b9

verified: 6/16/2026, 12:07:35 PM

view raw JSON →