devops-mcp lets AI assistants (Claude Desktop, Cursor, Windsurf) connect, scan, plan, and deploy on real Linux servers over SSH — without handing the model the keys to the kingdom. Reading is always allowed; anything that changes state on a production-like server is refused unless the user supplies a secret elevation token the model never sees. Three time-limited modes (SAFE / PROVISION / FULL) with auto-expiry, a production write-gate that demands backup confirmation for irrecoverable ops, shell-quoted arguments, prompt-injection-tagged output, and a full JSON-lines audit log. Self-hosted: clone and build the project locally — an online/hosted MCP is not safe for this security tooling. 32 tools, TypeScript, MIT.
Server Config
{
"mcpServers": {
"devops-mcp": {
"command": "node",
"args": [
"/absolute/path/to/devops-mcp/dist/index.js"
],
"env": {
"DEVOPS_MCP_ELEVATION_TOKEN": "<your-generated-token>",
"LOG_LEVEL": "info"
}
}
}
}