An implementation of Model Context Protocol (MCP) server for Argo CD.
# Add to your Claude Code skills
git clone https://github.com/argoproj-labs/mcp-for-argocdGuides for using mcp servers skills like mcp-for-argocd.
Last scanned: 5/18/2026
{
"issues": [
{
"type": "npm-audit",
"message": "@hono/node-server: @hono/node-server: Middleware bypass via repeated slashes in serveStatic",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "brace-expansion: brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "express-rate-limit: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "fast-uri: fast-uri vulnerable to path traversal via percent-encoded dot segments",
"severity": "high"
},
{
"type": "npm-audit",
"message": "flatted: Prototype Pollution via parse() in NodeJS flatted",
"severity": "high"
},
{
"type": "npm-audit",
"message": "hono: Hono missing validation of cookie name on write path in setCookie()",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "ip-address: ip-address has XSS in Address6 HTML-emitting methods",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "path-to-regexp: path-to-regexp vulnerable to Denial of Service via sequential optional groups",
"severity": "high"
},
{
"type": "npm-audit",
"message": "picomatch: Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching",
"severity": "high"
}
],
"status": "WARNING",
"scannedAt": "2026-05-18T08:04:04.494Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}mcp-for-argocd is an open-source mcp servers skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by argoproj-labs. An implementation of Model Context Protocol (MCP) server for Argo CD. It has 529 GitHub stars.
mcp-for-argocd returned warnings in SkillsLLM's automated security scan. It has no critical vulnerabilities, but review the flagged issues in the Security Report section before adding it to your workflow.
Clone the repository with "git clone https://github.com/argoproj-labs/mcp-for-argocd" and add it to your Claude Code skills directory (see the Installation section above).
mcp-for-argocd is primarily written in TypeScript. It is open-source under argoproj-labs on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other MCP Servers skills you can browse and compare side by side. Open the MCP Servers category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh mcp-for-argocd against similar tools.
No comments yet. Be the first to share your thoughts!
Top skills in this category by stars
Requires a passing catalog security scan. Resolve the flagged issues and resubmit to enable featuring.
An implementation of Model Context Protocol (MCP) server for Argo CD, enabling AI assistants to interact with your Argo CD applications through natural language. This server allows for seamless integration with Visual Studio Code and other MCP clients through stdio and HTTP stream transport protocols.
The server provides the following ArgoCD management tools:
list_clusters: List all clusters registered with ArgoCDget_appproject: Get detailed information about a specific AppProject (project)list_applications: List and filter all applicationsget_application: Get detailed information about a specific applicationcreate_application: Create a new applicationupdate_application: Update an existing applicationdelete_application: Delete an applicationsync_application: Trigger a sync operation on an applicationget_application_resource_tree: Get the resource tree for a specific applicationget_application_managed_resources: Get managed resources for a specific applicationget_application_workload_logs: Get logs for application workloads (Pods, Deployments, etc.)get_resource_events: Get events for resources managed by an applicationget_resource_actions: Get available actions for resourcesrun_resource_action: Run an action on a resource.cursor/mcp.json file in your project:{
"mcpServers": {
"argocd-mcp": {
"command": "npx",
"args": [
"argocd-mcp@latest",
"stdio"
],
"env": {
"ARGOCD_BASE_URL": "<argocd_url>",
"ARGOCD_API_TOKEN": "<argocd_token>"
}
}
}
}
.vscode/mcp.json file in your project:{
"servers": {
"argocd-mcp-stdio": {
"type": "stdio",
"command": "npx",
"args": [
"argocd-mcp@latest",
"stdio"
],
"env": {
"ARGOCD_BASE_URL": "<argocd_url>",
"ARGOCD_API_TOKEN": "<argocd_token>"
}
}
}
}
claude_desktop_config.json configuration file:{
"mcpServers": {
"argocd-mcp": {
"command": "npx",
"args": [
"argocd-mcp@latest",
"stdio"
],
"env": {
"ARGOCD_BASE_URL": "<argocd_url>",
"ARGOCD_API_TOKEN": "<argocd_token>"
}
}
}
}
If your Argo CD instance uses self-signed certificates or certificates from a private Certificate Authority (CA), you may need to add the following environment variable to your configuration:
"NODE_TLS_REJECT_UNAUTHORIZED": "0"
This disables TLS certificate validation for Node.js when connecting to Argo CD instances using self-signed certificates or certificates from private CAs that aren't trusted by your system's certificate store.
Warning: Disabling SSL verification reduces security. Use this setting only in development environments or when you understand the security implications.
The server connects to ArgoCD using a base URL and an API token.
The ArgoCD API token is a secret and is only ever read from the transport layer, never from a tool-call argument:
x-argocd-api-token.ARGOCD_API_TOKEN (all transports).This is the default token. It is mandatory unless a token registry is configured: on the HTTP transport, a connection that supplies no token (neither header nor env var) is rejected with 400 Bad Request, but when a registry is configured a tokenless connection is allowed because each call resolves its own registry token. Keeping the token out of tool arguments ensures it never enters prompts, model context, or tool-call logs.
The base URL may be supplied at the session level (resolved once when the server starts or when an HTTP client connects):
x-argocd-base-url.ARGOCD_BASE_URL (all transports).In addition, every tool accepts an optional argocdBaseUrl argument:
argocdBaseUrl is optional and overrides the default for that single call.argocdBaseUrl is required; a call without it returns an error.To target multiple ArgoCD instances, each with its own token, configure a token registry. Because the tokens are secrets, the registry is read from a JSON file, not an environment variable — point ARGOCD_TOKEN_REGISTRY_PATH at the file (e.g. a mounted Kubernetes secret). This keeps the tokens out of the process environment, crash dumps, and child-process inheritance.
ARGOCD_TOKEN_REGISTRY_PATH=/app/argocd-mcp/token-registry.json
The file contains a JSON array mapping a base URL to the token that should be used for it:
[
{ "baseUrl": "https://argo-a.example.com", "token": "<token-a>" },
{ "baseUrl": "https://argo-b.example.com", "token": "<token-b>" }
]
Secure the file. Restrict it to the server's user (e.g.
chmod 400) and prefer a secret-management mechanism (Kubernetes secret volume, Vault agent, etc.) over a plaintext file on disk.
Local development. The
make run/make devtargets run without a registry by default; passARGOCD_TOKEN_REGISTRY_PATH=/path/to/tokens.jsonto use one. Do not place the file underdist/—tsupruns withclean: trueand wipes that directory on every build. See Running locally.
With a registry configured, a caller targets an instance by passing only the (non-secret) argocdBaseUrl argument; the server pairs it with the registered token. The token never appears in the tool-call payload.
The server resolves calls using one of two distinct tokens. Keeping them straight is what makes the security model work:
| Default token | Registry token | |
|---|---|---|
| Source | x-argocd-api-token header / ARGOCD_API_TOKEN env var (the session credential) |
A token entry in the ARGOCD_TOKEN_REGISTRY_PATH JSON file, keyed by baseUrl |
| Scope | The default base URL only (x-argocd-base-url / ARGOCD_BASE_URL) |
The specific base URL its entry is keyed to |
| Used for | A call tha |