arcane-mcp

arcane-mcp

Exposes Arcane Docker management capabilities to AI agents, covering containers, images, volumes, networks, Compose projects, registries, vulnerability scanning, and more with 123 tools across 13 modules.

Category
Visit Server

README

arcane-mcp

An MCP server that exposes Arcane Docker management capabilities to AI agents via the Model Context Protocol. Built with FastMCP.

Covers the core Docker management API: containers, images, volumes, networks, Compose projects, registries, vulnerability scanning, port mappings, webhooks, system management, updater, activities/events, and environment management.

125 tools across 14 modules.

Install

Not on PyPI. Install directly from GitHub:

# pip
pip install git+https://github.com/MikeCase/arcane-mcp.git

# uv
uv tool install git+https://github.com/MikeCase/arcane-mcp.git

# or clone and install locally
git clone https://github.com/MikeCase/arcane-mcp.git
cd arcane-mcp
uv sync

Configuration

Set these environment variables (or put them in a .env file in the working directory):

ARCANE_API_KEY=arc_your_api_key_here
ARCANE_BASE_URL=http://localhost:3552

OpenCode

Add to your opencode.json:

{
  "mcp": {
    "arcane-docker": {
      "type": "local",
      "command": ["arcane-mcp"],
      "env": {
        "ARCANE_API_KEY": "arc_your_key_here",
        "ARCANE_BASE_URL": "http://localhost:3552"
      }
    }
  }
}

Or set environment variables globally and omit them from the config.

Tools (125 total)

Containers (18)

list_containers, inspect_container, create_container, start_container, stop_container, restart_container, kill_container, pause_container, unpause_container, remove_container, redeploy_container, commit_container, update_container, set_container_auto_update, exec_in_container, get_container_logs, get_container_stats, get_container_counts

Images (19)

list_images, inspect_image, pull_image, remove_image, tag_image, prune_images, get_image_counts, build_image, search_images, upload_image, get_image_history, get_image_export, get_image_attestations, scan_image_vulnerabilities, get_image_vulnerabilities, get_vulnerability_summary, check_image_update, check_all_image_updates, get_image_update_summary

Volumes (18)

list_volumes, create_volume, inspect_volume, remove_volume, prune_volumes, get_volume_counts, get_volume_sizes, get_volume_usage, list_volume_backups, create_volume_backup, restore_volume_backup, delete_volume_backup, download_volume_backup, browse_volume, read_volume_file, create_volume_directory, upload_to_volume, delete_volume_file

Projects / Compose (17)

list_projects, get_project, deploy_project, redeploy_project, remove_project, update_project, get_project_counts, project_down, restart_project, build_project, archive_project, unarchive_project, pull_project_images, get_project_compose, get_project_file, update_project_services, get_project_runtime

Networks (9)

list_networks, create_network, inspect_network, remove_network, connect_container_to_network, disconnect_container_from_network, prune_networks, get_network_counts, get_network_topology

Environments (5)

list_environments, get_environment, create_environment, update_environment, remove_environment

System (9)

get_docker_info, get_docker_version, prune_system, get_system_health, check_system_upgrade, trigger_upgrade, start_all_containers, start_stopped_containers, stop_all_containers

Activities & Events (7)

list_activities, get_activity, cancel_activity, clear_activity_history, list_events, get_environment_events, delete_event

Container Registries (6)

list_registries, create_registry, get_registry, update_registry, delete_registry, test_registry

Vulnerabilities (6)

get_vulnerability_summary_all, list_all_vulnerabilities, ignore_vulnerability, list_ignored_vulnerabilities, unignore_vulnerability, get_scanner_status

Webhooks (5)

trigger_webhook, list_webhooks, create_webhook, update_webhook, delete_webhook

Updater (3)

run_updater, get_updater_status, get_updater_history

Ports (1)

list_ports

Operations / Safety (2)

confirm_operation, read_audit_log

Usage

All resource tools accept env_id: str = "0" to target a specific Arcane environment (local Docker is "0", remote agents use UUIDs). Remote agent operations can pass agent_token: str | None for authentication via the X-Arcane-Agent-Token header.

Safety

Destructive operations use a three-layer safety system:

1. Confirmation tokens (two-step handshake)

Every tool that removes, prunes, kills, restores, or overwrites returns a short-lived confirmation_token instead of executing. The agent must call confirm_operation(token) as a separate tool call to proceed. Tokens expire after 120 seconds.

remove_container("my-app")
→ {"warning": "...", "confirmation_token": "a1b2c3d4e5f6", "target": "my-app"}

confirm_operation(token="a1b2c3d4e5f6")
→ {"success": true, ...}

This prevents an agent from blasting through a safety gate in one call — it must stop, process the warning, and make a second call.

2. Dry-run mode (prune/cleanup tools)

Prune operations (prune_images, prune_volumes, prune_networks, prune_system, clear_activity_history) default to dry_run=True, showing what would be affected without making changes:

prune_images()
→ {"dry_run": true, "warning": "Dry-run. Set dry_run=False to proceed.", "target": "all"}

prune_images(dry_run=False)
→ {"warning": "...", "confirmation_token": "..."}

3. Audit log

Every confirmed destructive operation is recorded to a structured JSON-lines audit log. Read it anytime:

read_audit_log(lines=10)
→ [{"timestamp": "2026-06-29T...", "action": "remove_container", "target": "my-app", "env_id": "0"}]

Set ARCANE_MCP_AUDIT_LOG environment variable to change the log file path (default: ~/.arcane-mcp-audit.log).

Development

git clone https://github.com/MikeCase/arcane-mcp.git
cd arcane-mcp
uv sync
uv run fastmcp run src/arcane_mcp/server.py

License

MIT

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.

Official
Featured
Local
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

Official
Featured
Local
TypeScript
VeyraX MCP

VeyraX MCP

Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.

Official
Featured
Local
graphlit-mcp-server

graphlit-mcp-server

The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.

Official
Featured
TypeScript
Kagi MCP Server

Kagi MCP Server

An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

Official
Featured
Python
E2B

E2B

Using MCP to run code via e2b.

Official
Featured
Neon Database

Neon Database

MCP server for interacting with Neon Management API and databases

Official
Featured
Exa Search

Exa Search

A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.

Official
Featured
Qdrant Server

Qdrant Server

This repository is an example of how to create a MCP server for Qdrant, a vector search engine.

Official
Featured