{"id":"jenkinsci-mcp-server-plugin","name":"mcp-server-plugin","homepage":"https://plugins.jenkins.io/mcp-server/","repo_url":"https://github.com/jenkinsci/mcp-server-plugin","category":"devtools","subcategories":[],"tags":["ai","mcp","jenkins","automation","devtools","api","integration"],"what_it_does":"Provides a server-side MCP (Model Context Protocol) interface for Jenkins, exposing Jenkins jobs/builds and related operations as MCP tools via multiple HTTP-based transport endpoints (SSE, streamable HTTP, and stateless HTTP).","use_cases":["LLM/AI agents querying Jenkins for job/build status and metadata","Triggering Jenkins builds with parameters from an MCP client","Retrieving and searching Jenkins build logs via MCP tools","Integrating IDE/agent tooling (e.g., Copilot-like MCP clients) with Jenkins job browsing and SCM info"],"not_for":["Internet-facing deployments without strong network controls (since credentials are required and endpoints can be long-lived with SSE)","Use cases requiring a standardized SaaS billing/pricing model or hosted API; this is a Jenkins plugin","Workflows that require fine-grained OAuth-style scopes beyond Jenkins permissions (auth maps to Jenkins user/token)"],"best_when":"You operate Jenkins internally (or behind a gateway/VPN) and want MCP clients to interact with Jenkins tools over HTTP transports.","avoid_when":"You cannot protect Jenkins API tokens/credentials or cannot control origins/headers (the plugin allows optionally relaxing Origin validation), or you need strict rate-limit/usage guarantees that are not documented for the MCP layer.","alternatives":["Direct Jenkins REST API access using an agent-specific HTTP client","Jenkins web UI automation (less ideal for agents)","A dedicated MCP gateway/service that mediates and normalizes Jenkins REST calls with stronger auth/rate limiting"],"af_score":55.2,"security_score":46.2,"reliability_score":22.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:52:23.732688+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":"<jenkins-url>/mcp-server/sse (or /mcp-server/mcp, /mcp-server/message, /mcp-server/stateless)","has_sdk":false,"sdk_languages":["Java"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["HTTP Basic Authentication with Jenkins API token"],"oauth":false,"scopes":false,"notes":"Authentication is the same as Jenkins instance auth. The README describes using Jenkins personal access tokens via HTTP Basic auth. Optional Origin-header validation can be enabled via system properties, but by default it may be relaxed to support agents that omit the header."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing model described; as a Jenkins plugin, costs depend on Jenkins infrastructure and usage."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":55.2,"security_score":46.2,"reliability_score":22.5,"mcp_server_quality":78.0,"documentation_accuracy":72.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":60.0,"rate_limit_clarity":10.0,"tls_enforcement":55.0,"auth_strength":65.0,"scope_granularity":20.0,"dependency_hygiene":40.0,"secret_handling":45.0,"security_notes":"Transport security depends on deployment (examples include http for streamable/stateless but generally HTTPS should be used in practice; TLS enforcement not explicitly guaranteed by docs). Auth uses Jenkins API tokens over Basic auth; this is reasonably common but not scoped at an MCP-tool granularity (permissions follow the Jenkins user). README warns that Base64 is not encryption. Origin-header validation is optional and disabled by default, which may broaden exposure depending on network controls. Log volume is limited to a configurable max, reducing some risk of excessive data transfer/response size.","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":0.0,"error_recovery":35.0,"idempotency_support":"false","idempotency_notes":"The README describes operations like triggerBuild that are inherently non-idempotent (it schedules a new build). No explicit idempotency keys or guidance documented for MCP tool calls.","pagination_style":"page-based for logs/jobs","retry_guidance_documented":false,"known_agent_gotchas":["Some MCP transports may have client compatibility quirks (README notes Copilot does not work well with streamable transport; suggests using SSE).","Stateless vs session-based transports can affect how clients manage connections and state.","Origin header validation is not enforced by default; if a client does not send Origin, deployments that enable strict Origin validation may reject requests.","Large log retrieval is limited via a system property (BuildLogsExtension.limit.max); agents should be prepared for truncated/limited logs."]}}