io.github.kubeleash/kubeleash

MCPcommunity
v0.3.0io.github.kubeleashUnknownUpdated 1mo agoGitHub

Kubernetes MCP server with RBAC-style, context-scoped guardrails for AI agents.

Point it at your over-privileged kubeconfig — it still can't nuke prod. Guardrails for AI agents on your cluster. kubeleash is a local MCP server for Kubernetes whose differentiator is RBAC-style, context-scoped access control. Point it at a kubeconfig — even a cluster-admin one — and a local policy file constrains what the agent can actually do, per kube context, with destructive actions gated…

Automatically indexed from public sources. Not yet verified by the developer on Forge.Claim this listing →
1mo agoLast update
Package
Authorio.github.kubeleash
LicenseUnknown
Version0.3.0
Sourcemcp-registry
Trust Status
B
60/100Good
Listed in Forge index+10/10
Publisher identity verified+0/25
Publisher: run `forge publish` from the package repo to claim ownership
Ed25519 publish signature+0/10
Included automatically when the publisher runs `forge publish`
Domain verification+0/5
Publisher: host /.well-known/forge.json on the package homepage with { "publisher": "<github-login>" }
CVE scan · not run+0/30
Not yet scanned — package must be on npm
Static analysis · clean+20/20
npm provenance (Sigstore)+0/5
Publish from GitHub Actions with the --provenance flag
Paste into Claude Code, Cursor, or any AI assistant to fix all gaps
StatusCommunity-indexed
PublisherUnverified
SignatureUnsigned
Domain
Provenance
DependenciesNot audited
Tool surface
Security scan✓ CleanvHEAD · 19d ago
EvalsNone
IndexedJun 13, 2026

Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.

About

Point it at your over-privileged kubeconfig — it still can't nuke prod. Guardrails for AI agents on your cluster. kubeleash is a local MCP server for Kubernetes whose differentiator is RBAC-style, context-scoped access control. Point it at a kubeconfig — even a cluster-admin one — and a local policy file constrains what the agent can actually do, per kube context, with destructive actions gated before any call reaches the cluster. []( &nbsp; [](#install) &nbsp; [](#install) Install launches the…

Keywords
mcp