{"id":"poly-mcp-iot-edge-mcp-server","name":"IoT-Edge-MCP-Server","homepage":null,"repo_url":"https://github.com/poly-mcp/IoT-Edge-MCP-Server","category":"infrastructure","subcategories":[],"tags":["mcp","iot","industrial-iot","scada","plc","mqtt","modbus","fastapi","influxdb","redis","python","edge-computing","ai-agents","tooling"],"what_it_does":"Provides an MCP server for Industrial IoT/SCADA/PLC that unifies MQTT sensors/actuators and Modbus TCP/RTU device operations, with optional time-series storage (InfluxDB) and caching (Redis). Exposes MCP tools via HTTP endpoints using FastAPI (with /docs, /health, /metrics) for agent orchestration (e.g., PolyMCP). Includes a simulation mode for running without external hardware.","use_cases":["AI agent orchestration for industrial monitoring (sensor reads, topology, system status)","Historical queries and aggregations over time-series sensor data (via InfluxDB, if configured)","Alarm management workflows (list active alarms, acknowledge)","Actuator control commands (e.g., valve/pump/motor/relay)","PLC integration via Modbus register/coil read-write","Development/testing using simulation mode without connecting real hardware"],"not_for":["Untrusted, internet-facing deployments without TLS, strong authentication, and network controls","High-safety or safety-critical control without additional operational safeguards, validation, and human-in-the-loop review","Use cases requiring standardized enterprise IAM (e.g., SSO) out of the box"],"best_when":"You need an MCP/agent-friendly control plane for mixed MQTT + Modbus industrial assets, and you can deploy with proper network isolation and production security settings.","avoid_when":"You cannot enforce TLS, IP allowlisting, and authenticated access, or you need fine-grained authorization mapped to individual asset/command permissions.","alternatives":["Direct MQTT/Modbus integration via custom agent code","Industrial OPC-UA servers with agent/tool wrappers","Other MCP servers or orchestration layers that connect to OT/IoT systems (non-Polymcp-specific)","Time-series/monitoring stacks with custom control APIs (e.g., Grafana/InfluxDB + bespoke actuator API)"],"af_score":63.0,"security_score":62.0,"reliability_score":32.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:32:17.143069+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":"http://<host>:8000/mcp","has_sdk":false,"sdk_languages":["Python"],"openapi_spec_url":"http://<host>:8000/docs","webhooks":false},"auth":{"methods":["API key (X-API-Key)","JWT bearer tokens"],"oauth":false,"scopes":false,"notes":"README describes production auth as API key plus JWT bearer tokens and recommends environment variables for keys; explicit per-scope/permission model is not detailed."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided; appears to be self-hosted software."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":63.0,"security_score":62.0,"reliability_score":32.5,"mcp_server_quality":78.0,"documentation_accuracy":60.0,"error_message_quality":0.0,"error_message_notes":"README outlines request-flow checks (413 payload size, public path allow, 403 IP allowlist fail, 429 rate limit exceeded, 401 invalid auth) but does not show concrete JSON error shapes/messages or tool invocation error formats.","auth_complexity":65.0,"rate_limit_clarity":45.0,"tls_enforcement":70.0,"auth_strength":75.0,"scope_granularity":35.0,"dependency_hygiene":55.0,"secret_handling":70.0,"security_notes":"Security-first design is claimed with API key + JWT, IP allowlisting, rate limiting, input validation, encryption (Fernet), HMAC signatures, and tamper-evident HMAC-chained audit logging. However, the README provides limited detail on TLS enforcement for the HTTP MCP endpoints themselves, the exact authorization model for tool/asset-level permissions, and how secrets are handled at runtime/logging beyond suggesting environment variables. Dependency hygiene/CVEs cannot be verified from the provided content.","uptime_documented":0.0,"version_stability":45.0,"breaking_changes_history":45.0,"error_recovery":40.0,"idempotency_support":"false","idempotency_notes":"Actuator command tools are described but idempotency semantics (safe retries, request IDs, deduplication) are not specified.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Tool invocations may have side effects (actuator commands, Modbus writes); agent retries without idempotency could cause unintended repeated actions.","Rate limits are mentioned but not fully specified in the visible README excerpt; agents may need backoff/queueing to avoid 429s.","MQTT optional TLS and Modbus network access require correct configuration; connection failures may surface as generic tool errors without standardized recovery guidance."]}}