{"id":"echelon-ai-labs-servicenow-mcp","name":"servicenow-mcp","homepage":null,"repo_url":"https://github.com/echelon-ai-labs/servicenow-mcp","category":"automation","subcategories":[],"tags":["mcp","servicenow","automation","it-operations","agent-tools","sse","python"],"what_it_does":"Provides an MCP server that lets an AI client (e.g., Claude) interact with a ServiceNow instance: query records, and perform actions like creating/updating/deleting records, running scripts/workflows, and managing service catalog and related ITSM artifacts via ServiceNow APIs. Supports MCP over stdio and an SSE-based web transport.","use_cases":["Agent-assisted ITSM operations in ServiceNow (incidents, changes, knowledge, catalog items)","Automating catalog item creation/updates and workflow/UI policy management","Building operational assistants that can query ServiceNow data and take actions","Change/approval orchestration through scripted MCP tool calls","Using tool packaging to restrict the set of actions exposed to the model"],"not_for":["Untrusted/automated workloads without strict permissioning (tools can create/update/delete ServiceNow data)","Environments where outbound network access to ServiceNow must be avoided","Use as a general-purpose ServiceNow client without MCP/agent controls and governance"],"best_when":"You need an agent to safely perform structured ServiceNow tasks and you can control authentication, tool scope (via MCP_TOOL_PACKAGE), and operational permissions.","avoid_when":"You cannot ensure least-privilege credentials or you need strong guarantees around idempotency/audit for write/delete operations.","alternatives":["Direct use of ServiceNow REST API (custom automation) with your own guardrails","ServiceNow scripting/automation frameworks (Flow Designer, scheduled jobs) without agent-driven tool calls","Other MCP ServiceNow connectors (if available) or generic HTTP/MCP wrappers you can constrain"],"af_score":53.8,"security_score":64.8,"reliability_score":22.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:36:25.437635+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Basic","OAuth","API Key"],"oauth":true,"scopes":false,"notes":"Auth is configured via environment variables (SERVICENOW_AUTH_TYPE) and corresponding credentials in a .env or CLI params. README does not describe fine-grained scopes beyond the ServiceNow-side permissions tied to the credentials."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information in the provided content; this appears to be a self-hosted open-source MCP server."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":53.8,"security_score":64.8,"reliability_score":22.5,"mcp_server_quality":70.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":80.0,"rate_limit_clarity":10.0,"tls_enforcement":85.0,"auth_strength":70.0,"scope_granularity":40.0,"dependency_hygiene":55.0,"secret_handling":70.0,"security_notes":"Transport security likely relies on HTTPS to ServiceNow (README uses instance URL); SSE mode runs a Starlette/Uvicorn app but the README does not specify TLS or access controls for the SSE endpoints. Authentication options include Basic/OAuth/API key, but the README does not discuss scoped permissions for MCP tools. Credentials are passed via environment variables/.env, which is good practice, but the README does not confirm redaction in logs or safe error handling. Dependency hygiene cannot be verified from provided content; versions are only listed in dependencies.","uptime_documented":0.0,"version_stability":30.0,"breaking_changes_history":30.0,"error_recovery":30.0,"idempotency_support":"false","idempotency_notes":"The README lists create/update/delete and submit/approve-style tools but does not document idempotency behavior (e.g., idempotency keys or safe retries).","pagination_style":"unknown","retry_guidance_documented":false,"known_agent_gotchas":["Write/delete tools are broadly exposed; rely on tool packaging (MCP_TOOL_PACKAGE) and least-privilege credentials to prevent destructive actions.","Retries/timeouts are not documented; agent should avoid blindly retrying non-idempotent operations.","SSE mode exposes a web server; ensure network exposure and auth controls are handled outside the shown README."]}}