Docker MCP Server
A Model Context Protocol (MCP) server that enables AI agents to interact with Docker containers locally or remotely via SSH. Provides comprehensive Docker management capabilities including container operations, logs, monitoring, and cleanup.
Critical Issues
Security ScoreF
Vulnerabilities Found
Quality ScoreC
Maintenance62
Popularity46
Documentation46
Available Documentation
Compatibility67
Features
Supported Transports
Agentic MCP Risk Intelligence
MCPSafe checks risks unique to AI-connected MCP servers — prompt surfaces, model-controlled tools, credentials, filesystems, and network reachability.
The current scan did not find prompt-injection, agent command, exfiltration, unbounded filesystem, or MCP SSRF patterns.
Tool metadata can steer or hijack AI clients before a user invokes the tool.
Model-selected tool arguments can reach shell/process execution.
Tool context combines credential access with outbound network capability.
AI-controlled paths may access files outside the intended workspace.
AI-controlled URLs may reach local, metadata, or internal network services.
Vulnerabilities(59)
READMEDocker MCP Server
View sourceDocker MCP
⚠️ CONTAINER ESCAPE RISK ⚠️
Issue
By default, containers are created with privileged mode enabled, allowing:
- Host filesystem access
- Container escape
- Host network access
Impact
Complete host system compromise if a container is malicious.
Mitigation
Never use privileged mode. Use proper security contexts and capabilities.
Embed Security Badge
Add this badge to your README or documentation
[](https://mcpsafe.org/registry/docker-mcp-privileged)Server Information
- Source
- GITHUB
- Package
- docker-mcp
- Version
- 1.0.0
- Language
- go
- License
- MIT
- Transport
- STDIO
- Added
- Jan 20, 2026
- Updated
- Jul 13, 2026