Tracked packageView full profile for kubernetes-mcp-server →

MCPSafe.io

Security pre-install checks for MCP servers.

Mostly safe — a couple of notes worth reading.

Compare to another server

github · kubernetes-mcp-serverHEAD

Item: kubernetes-mcp-server
Rating: 4
Author: MCPSafe

Scanned 5/3/2026, 6:42:07 PM·Cached result·Fast Scan·45 rules·How we decide ↗

AIVSS Score

3.2/ 10

Low

Severity Breakdown

critical

high

medium

low

MCP Server Information

Packagekubernetes-mcp-server

VersionHEAD

SourceGITHUB

LicenseApache-2.0

Publishercontainers

Package age1y 2m

Stars1.5K

Downloads/wk—

Dependencies0

Repositoryhttps://github.com/containers/kubernetes-mcp-server

Findings

Showing 1–30 of 34 findings

medium (30)

«‹

34 findings

medium (34)

AIVSS 3.2CVSS 4.4

Container base image uses the floating :latest tag. This provides no reproducibility — the image content can change under you, and there is no signature to verify.

Evidence

COPY ./ ./

RUN make build-multiarch TARGETOS=${TARGETOS} TARGETARCH=${TARGETARCH}

FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
LABEL io.modelcontextprotocol.server.name="io.github.containers/kubernetes-mcp-server"
WORKDIR /app
COPY --from=builder /app/kubernetes-mcp-server /app/kubernetes-mcp-server

Remediation

Pin the base image by digest (e.g. python@sha256:...) or at minimum an exact semver tag (e.g. python:3.12.4-slim-bookworm). Never use :latest in production Dockerfiles.

7	COPY ./ ./
8
9	RUN make build-multiarch TARGETOS=${TARGETOS} TARGETARCH=${TARGETARCH}
10
11	FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
12	LABEL io.modelcontextprotocol.server.name="io.github.containers/kubernetes-mcp-server"
13	WORKDIR /app
14	COPY --from=builder /app/kubernetes-mcp-server /app/kubernetes-mcp-server

1	FROM --platform=$BUILDPLATFORM golang:latest AS builder
2
3	ARG TARGETOS=linux
4	ARG TARGETARCH=amd64

56	print(f"Downloading {binary_name} from {release_url}")
57	with tempfile.NamedTemporaryFile(delete=False) as temp_file:
58	try:
59	with urllib.request.urlopen(release_url) as response:
60	shutil.copyfileobj(response, temp_file)
61	temp_file.close()

80	runs-on: ${{ matrix.os }}
81	steps:
82	- name: Checkout
83	uses: actions/checkout@v6
84	- uses: actions/setup-go@v6
85	with:
86	go-version: ${{ env.GO_VERSION }}

199	- name: Run mcpchecker evaluation
200	id: mcpchecker
201	uses: mcpchecker/mcpchecker/.github/actions/mcpchecker-action@v0.0.17
202	with:
203	eval-config: 'evals/openai-agent/eval.yaml'
204	mcpchecker-version: 'latest'

42	runs-on: ubuntu-latest
43	steps:
44	- name: Checkout
45	uses: actions/checkout@v6
46
47	- name: Generate Helm docs
48	run: make helm-docs

305	pull-requests: write
306	steps:
307	- name: Checkout
308	uses: actions/checkout@v6
309	with:
310	ref: main

35	runs-on: ${{ matrix.platform.runner }}
36	steps:
37	- name: Checkout
38	uses: actions/checkout@v6
39	- name: Install Podman # Not available in arm64 image
40	run: \|
41	sudo apt-get update

12	label:
13	runs-on: ubuntu-latest
14	steps:
15	- uses: actions/labeler@v6
16	with:
17	configuration-path: .github/labeler.yaml

42	kubernetes-mcp-server-*
43	# Ensure npm 11.5.1 or later is installed (required for https://docs.npmjs.com/trusted-publishers)
44	- name: Setup node
45	uses: actions/setup-node@v6
46	with:
47	node-version: 24
48	registry-url: 'https://registry.npmjs.org'

164	runs-on: ubuntu-latest
165	steps:
166	- name: Checkout
167	uses: actions/checkout@v6
168	with:
169	# Use pinned SHA to prevent TOCTOU attacks
170	# For PRs: the SHA captured when maintainer commented

32	- name: Download evaluation context
33	if: steps.check.outputs.should-report == 'true'
34	uses: actions/download-artifact@v8
35	with:
36	name: eval-context
37	path: eval-context/

287	- name: Upload PR context
288	if: always() && needs.check-trigger.outputs.is-pr == 'true'
289	uses: actions/upload-artifact@v7
290	with:
291	name: eval-context
292	path: eval-context/

310	ref: main
311
312	- name: Download mcpchecker results
313	uses: actions/download-artifact@v8
314	with:
315	name: mcpchecker-results
316	path: mcpchecker-results/

101	- ppc64le
102	steps:
103	- name: Checkout
104	uses: actions/checkout@v6
105	- uses: actions/setup-go@v6
106	with:
107	go-version: ${{ env.GO_VERSION }}

29	uses: actions/checkout@v6
30
31	- name: Install Helm
32	uses: azure/setup-helm@v5
33	with:
34	version: '3.19.2'

52	binary_suffix: ".exe"
53	steps:
54	- name: Checkout
55	uses: actions/checkout@v6
56	with:
57	ref: ${{ inputs.tag \|\| github.event.workflow_run.head_sha }}
58	persist-credentials: false

26	runs-on: macos-latest
27	steps:
28	- name: Checkout
29	uses: actions/checkout@v6
30	- uses: actions/setup-go@v6
31	with:
32	go-version: ${{ env.GO_VERSION }}

103	chmod +x "bundle/$ENTRY_POINT"
104
105	- name: Setup Node.js
106	uses: actions/setup-node@v6
107	with:
108	node-version: 24

172	ref: ${{ needs.check-trigger.outputs.pr-sha }}
173
174	- name: Setup Go
175	uses: actions/setup-go@v6
176	with:
177	go-version: ${{ env.GO_VERSION }}

33	- name: Build
34	run: make build-all-platforms
35	- name: Upload artifacts
36	uses: softprops/action-gh-release@v3
37	with:
38	generate_release_notes: true
39	make_latest: true

github · kubernetes-mcp-serverHEAD

medium (30)

medium (34)

LLM summary— kubernetes-mcp-server:HEAD

Signal scores

LLM judge panel

CVE check

Community trust

Scan details

MCP Server Information

Run this exact engine on your private repo — before users see it on /scan.

medium (30)

medium (34)

Severity breakdown