JFrog MCP Server provides a bridge to the JFrog Platform, enabling AI assistants to interact with Artifactory repositories, builds, security scanning, and release management. Developed by JFrog LTD, this TypeScript implementation exposes over 20 specialized tools for operations like repository creation, build tracking, package vulnerability scanning, and release bundle distribution. The server authenticates via JFrog access tokens and handles errors gracefully with detailed messages. Particularly valuable for DevOps teams and developers who want to leverage AI assistants for artifact management, security analysis, and release automation without switching context to the JFrog web interface.
No reviews yet. Be the first to review!
Sign in to join the conversation
Check if JFrog platform is ready and functioning. Returns: Platform readiness status.
Create a new local repository in Artifactory. Inputs: key (string), rclass (string), packageType (string), description (optional string), projectKey (optional string), environments (optional string[]). Returns: Created repository details.
Create a new remote repository in Artifactory to proxy external package registries. Inputs: key (string), rclass (string), packageType (string), url (string), username (optional string), password (optional string), description (optional string), projectKey (optional string), environments (optional string[]). Returns: Created repository details.
Create a new virtual repository in Artifactory that aggregates multiple repositories. Inputs: key (string), rclass (string), packageType (string), repositories (string[]), description (optional string), projectKey (optional string), environments (optional string[]). Returns: Created repository details.
List all repositories in Artifactory with optional filtering. Inputs: type (optional string), packageType (optional string), project (optional string). Returns: List of repositories matching the filters.
Set properties on a folder in Artifactory, with optional recursive application. Inputs: folderPath (string), properties (object), recursive (optional boolean). Returns: Operation result.
Execute an Artifactory Query Language (AQL) query to search for artifacts, builds, or other entities in JFrog Artifactory. Inputs: query (string), domain (optional string), transitive (optional boolean), limit (optional number), offset (optional number), include_fields (optional string[]), sort_by (optional string), sort_order (optional string). Returns: Search results with metadata.
Return a list of all builds in the JFrog platform. Returns: List of builds.
Get details for a specific build by name. Inputs: buildName (string), project (optional string). Returns: Build details.
Return a list of all runtime clusters in the JFrog platform. Inputs: limit (optional integer), next_key (optional string). Returns: List of runtime clusters.
Return a runtime cluster by ID. Inputs: clusterId (integer). Returns: Cluster details.
List all running container images across runtime clusters with their security and operational status. Inputs: filters (optional string), num_of_rows (optional integer), page_num (optional integer), statistics (optional boolean), timePeriod (optional string). Returns: List of running images.
Get a list of all environments types in the JFrog platform with their details. Returns: List of environments.
Get a list of all projects in the JFrog platform with their details. Returns: List of projects.
Get detailed information about a specific project in the JFrog platform. Inputs: project_key (string). Returns: Project details.
Create a new project in the JFrog platform. Inputs: project_key (string), display_name (string), description (string), admin_privileges (object), storage_quota_bytes (number). Returns: Created project details.
Get publicly available information about a software package. Inputs: type (string), name (string), version (optional string). Returns: Package information including description, latest version, license, and URLs.
Get a list of versions of a publicly available package with publication dates. Inputs: type (string), name (string). Returns: List of package versions with publication dates.
Get a list of known vulnerabilities affecting a specific version of an open source package. Inputs: type (string), name (string), version (optional string), pageSize (optional number), pageCount (optional number). Returns: List of vulnerabilities affecting the specified package version.
Get detailed information about a specific vulnerability, including affected packages and versions. Inputs: cve_id (string), pageSize (optional number), pageCount (optional number). Returns: Detailed vulnerability information and affected packages.
Check the curation status of a specific package version. Inputs: packageType (string), packageName (string), packageVersion (string). Returns: Curation status (approved, blocked, or inconclusive).
Get artifacts issues summary in a repository or build, categorized and counted by severity. Inputs: paths (string array). Returns: A summary based on vulnerability count per severity for each artifact in the provided array plus the total issues.
