Security review

Is alertmanager-mcp-server MCP safe to give an agent?

destructive capableunknowndestructive capablehealthy

A factual risk summary built from alertmanager-mcp-server’s real tool surface, execution model, and verification history — not a vibe. Trust score 44/100.


01What it can do

Has tools that can delete or irreversibly change data.

9 tools observeddestructive presentwrite present

02Execution model

Transport not yet confirmed, so the execution model is unknown. Treat as untrusted until verified.

Installs via uvx (`uvx alertmanager-mcp-server`) — it pulls and executes third-party code; pin versions and review the source.


03Permissions & auth

No auth scopes captured yet (scope extraction runs during the sandboxed handshake, gated until configured). Treat unconfirmed scopes as unknown, not as “none.”


04Verification
handshakepassed — tool surface is real
runstools_list:passed · handshake:passed · metadata:passed · metadata:passed
last_checked2026-06-30 22:01Z
sourcesPyPI [p4]

Reduce the risk

Wrap alertmanager-mcp-server in a governed Loadout — scoped permissions, approval rules on write/destructive tools, and audit logging — instead of handing your agent raw access.

Build a governed Loadout

See also: full server page · setup · alternatives

Is alertmanager-mcp-server MCP safe? — risk & permissions — MCPExplorer