jq-mcp-server

Provides an MCP (Model Context Protocol) server that exposes `jq` as an MCP tool, executing jq expressions over provided JSON input. Communicates via JSON-RPC over stdin/stdout and is intended to run in a minimal container; jq is invoked via Go exec with context.

Evaluated Apr 04, 2026 (16d ago)
Repo ↗ Automation mcp json jq data-transformation go command-execution agent-tools
⚙ Agent Friendliness
56
/ 100
Can an agent use this?
🔒 Security
44
/ 100
Is it safe for agents?
⚡ Reliability
22
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
78
Documentation
70
Error Messages
0
Auth Simplicity
100
Rate Limits
0

🔒 Security

TLS Enforcement
100
Auth Strength
0
Scope Granularity
0
Dep. Hygiene
50
Secret Handling
80

README claims execution safety via Go `exec.CommandContext`, non-root user (UID 1000), minimal scratch-based container, and no shell injection vulnerabilities. However, there is no mention of auth, sandboxing/quotas for jq execution, resource limits, or how errors are returned. Scratch/minimal image reduces attack surface but does not by itself prevent denial-of-service from expensive jq expressions.

⚡ Reliability

Uptime/SLA
0
Version Stability
40
Breaking Changes
30
Error Recovery
20
AF Security Reliability

Best When

You have an MCP-compatible host/agent and you want a lightweight, deterministic JSON transform/query primitive via jq.

Avoid When

You cannot control or constrain jq inputs/expressions (potential resource exhaustion) or you require network APIs/SDKs beyond MCP stdin/stdout.

Use Cases

  • Use an LLM or MCP client to transform/query JSON using jq expressions
  • Data extraction from JSON payloads (e.g., logs, API responses)
  • On-the-fly JSON filtering without writing custom code
  • Building MCP-based automations that need deterministic JSON transformation

Not For

  • Executing untrusted jq expressions without sandboxing concerns
  • Long-running/expensive jq operations without timeouts and limits
  • Using as an HTTP/web service for external clients (stdin/stdout MCP only)

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

OAuth: No Scopes: No

No authentication described; the MCP server appears to be run locally (stdin/stdout) without auth mechanisms.

Pricing

Free tier: No
Requires CC: No

No pricing information provided.

Agent Metadata

Pagination
none
Idempotent
True
Retry Guidance
Not documented

Known Gotchas

  • jq expressions may fail on invalid JSON or syntax; server behavior and error payload format are not documented in the provided README
  • No documented resource/time limits: complex jq could cause high CPU/memory usage
  • No documented constraints/escaping rules beyond passing `content` as a string; agents should ensure proper JSON string encoding

Alternatives

Directly run jq in your own tooling/agent runtime Write a small custom API that wraps jq with explicit quotas and authentication Use another MCP tool provider for JSON transformation (if available) Use an embedded JSON query language/library in your application (e.g., JMESPath)

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for jq-mcp-server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-04-04.

8642
Packages Evaluated
17761
Need Evaluation
586
Need Re-evaluation
Community Powered