B

Prometheus MCP Server

MCP server for querying and discovering Prometheus metrics, labels, targets, and runtime information.

Overall Score: 71/100

Server Info

Package: prometheus-mcp
Registry: npm
Maintainer: Community
Category: Developer Tools
Tags: monitoring, metrics, alerting
Last Scanned: 7 Apr 2026

Findings

7 issues

Authentication & Identity

MEDIUM: HTTP/SSE transport supports per-request credentials

Supports both stdio and StreamableHTTP transport via Express. No authentication on the HTTP endpoint itself. Prometheus URL is configured via env var; the Prometheus API is assumed to handle its own auth. No OAuth or bearer token support on the MCP HTTP layer.

Remediation

Implement the MCP OAuth spec so users authenticate directly without platform mediation.

Tool Schema Quality

MEDIUM: Only 0 of 10 schemas have parameter constraints

Most schemas lack maxLength, enum, or pattern constraints on string parameters.

Remediation

Add constraints to string parameters, especially on write operations.

CRITICAL: Dangerous execution surface: prometheus_query accepts arbitrary PromQL expressions

Tool allows raw code/query execution which could be exploited via prompt injection.

Remediation

Use parameterized queries or validated command sets.

CRITICAL: Dangerous execution surface: prometheus_query_range accepts arbitrary PromQL expressions

Tool allows raw code/query execution which could be exploited via prompt injection.

Remediation

Use parameterized queries or validated command sets.

Data Exposure

MEDIUM: 3 list operations lack pagination

prometheus_list_metrics, prometheus_list_labels, and prometheus_list_targets return full result sets without pagination parameters. Query results are also returned in full. No field selection is supported.

Remediation

Add limit/offset or cursor-based pagination.

LOW: No field selection on responses

Responses return full records rather than projected fields.

Remediation

Implement field selection to return only relevant fields.

Maintenance & Trust

LOW: Community-maintained by Idan Fishman

No official vendor backing.

Remediation

Seek vendor verification.

Tools

10 total
| Name | Description | Risk |
| --- | --- | --- |
| prometheus_list_metrics | List all available Prometheus metrics | read |
| prometheus_metric_metadata | Get metadata for a specific Prometheus metric | read |
| prometheus_list_labels | List all available Prometheus labels | read |
| prometheus_label_values | Get all values for a specific Prometheus label | read |
| prometheus_list_targets | List all Prometheus targets | read |
| prometheus_scrape_pool_targets | Get targets for a specific scrape pool | read |
| prometheus_runtime_info | Get Prometheus runtime information | read |
| prometheus_build_info | Get Prometheus build information | read |
| prometheus_query | Execute a Prometheus query | read |
| prometheus_query_range | Execute a Prometheus range query | read |
