MCP.so
Sign In
Servers

pyATS MCP Server

@automateyournetwork

An MCP Server for pyATS (experimental)

Overview

What is pyATS MCP Server?

pyATS MCP Server wraps Cisco pyATS and Genie, letting AI agents (Claude, LangGraph, etc.) run show commands, apply configuration, and query network state over STDIO using JSON-RPC 2.0. It communicates solely via STDIN/STDOUT with no HTTP ports or REST endpoints.

How to use pyATS MCP Server?

Clone the repository, install dependencies (pip install -r requirements.txt), copy .env.example to .env, edit the environment file with device credentials and testbed path, then run python3 pyats_mcp_server.py. Alternatively, build and run via Docker, passing the .env file and mounting the testbed YAML.

Key features of pyATS MCP Server

  • Over a dozen tools for show commands, config, and diagnostics
  • Validates show commands against pipes/redirects/dangerous keywords
  • Blocks config commands containing reload, erase, delete, etc.
  • Dynamic test scripts run in a restricted sandbox
  • All credentials live in .env — never in source code or testbed file
  • Supports concurrent operations on multiple devices

Use cases of pyATS MCP Server

  • AI‑assisted network troubleshooting with parsed show commands
  • Automated configuration rollback and diff-based change management
  • Multi‑vendor health checks (CPU, memory, interfaces, routing)
  • Sandboxed execution of custom test scripts against live devices
  • Centralised ping and connectivity verification from network devices

FAQ from pyATS MCP Server

What protocols and platforms does the server support?

It supports Cisco IOS XE, IOS XR, NX‑OS, IOS, Arista EOS, Juniper Junos, Palo Alto PAN‑OS, Linux, and Windows, set via {DEVICENAME}_OS in .env. A generic OS option lets Unicon autodetect on first connect.

Are the tools safe for production use?

Show commands are validated against dangerous pipes, redirects, and keywords. Config commands are checked for reload, erase, write erase, delete, and format. Dynamic tests run in a sandbox that bans os, sys, subprocess and other risky imports.

How are device credentials handled?

Credentials are never stored in the testbed YAML or source code. All device‑specific credentials (username, password, enable password) are defined in the .env file using a {DEVICENAME}_{FIELD} naming convention and referenced in the testbed via %ENV{} substitution.

What are the runtime dependencies?

The server requires Python 3 and the packages listed in requirements.txt. It can be run locally or inside a Docker container built from the provided Dockerfile.

How does the server communicate with clients?

All communication uses STDIN/STDOUT and JSON‑RPC 2.0. There are no HTTP ports or REST endpoints, making it suitable for MCP clients like Claude and LangGraph.

Tags

More from Other