io.github.NotHarshhaa

mainframe-mcp-server

MCP server for IBM z/OS jobs, datasets, USS, and operational diagnostics via Zowe SDK.

stdiocommunityapplication

Package Details

Transportstdio

Environment Variables

ZOSMF_HOST(str)
Required

z/OSMF hostname or IP address

ZOSMF_PORT(num)

z/OSMF HTTPS port (default 443)

ZOSMF_BASE_PATH(str)

Optional API gateway or mediation layer prefix for z/OSMF

ZOSMF_USER(str)

z/OS user id (required with ZOSMF_PASSWORD unless ZOSMF_TOKEN is set)

ZOSMF_PASSWORD(str)
Secret

Password for basic auth (required with ZOSMF_USER unless ZOSMF_TOKEN is set)

ZOSMF_TOKEN(str)
Secret

Auth token (alternative to user/password)

ZOSMF_TOKEN_TYPE(str)

Token type when using ZOSMF_TOKEN (e.g. LTPA2)

ZOSMF_REJECT_UNAUTHORIZED(bool)

Verify TLS certificates (true in production)

LOG_LEVEL(str)

Log level: fatal, error, warn, info, debug, trace, silent

MCP_TRANSPORT(str)

Transport: stdio (IDE) or sse (container/network)

MCP_SSE_PORT(num)

Listen port when MCP_TRANSPORT=sse

MAX_JOB_OUTPUT_LINES(num)

Max lines returned from a single spool DD

MAX_DATASET_READ_LINES(num)

Max lines returned from dataset or USS reads

MAX_JES_SPOOL_FILES(num)

Max spool files fetched during diagnostics

MAX_AUDIT_LINES(num)

Max RACF audit log lines per query

CMCI_CONTEXT(str)

CICSplex name or region APPLID (required for CICS tools)

CMCI_HOST(str)

CMCI hostname (defaults to ZOSMF_HOST)

CMCI_PORT(num)

CMCI HTTPS port (default 1490)

CMCI_BASE_PATH(str)

CMCI REST base path

DB2_LOCATION(str)

Db2 subsystem location name (required for Db2 tools)

DB2_HOST(str)

Db2 REST hostname (defaults to ZOSMF_HOST)

DB2_PORT(num)

Db2 REST port (default 50400)

DB2_BASE_PATH(str)

Db2 REST base path

SMF_SUMMARY_DATASET(str)

Optional SMF summary dataset for offline metrics

RMF_METRICS_ENABLED(bool)

Query z/OSMF RMF metrics when available

RACF_AUDIT_USS_PATH(str)

USS path to RACF audit log file

RACF_AUDIT_DATASET(str)

Sequential dataset containing RACF audit records

SECURITY_READ_ONLY(bool)

When true, blocks write tools such as submit_jcl

SECURITY_ALLOWED_TOOLS(str)

Comma-separated allowlist of MCP tool names

SECURITY_BLOCKED_TOOLS(str)

Comma-separated blocklist of MCP tool names

SECURITY_ALLOWED_DATASET_PATTERNS(str)

Comma-separated dataset patterns (e.g. USERDEV.*,SYS1.*)

SECURITY_ALLOWED_USS_PATHS(str)

Comma-separated USS path prefixes

SECURITY_AUDIT_LOGGING(bool)

Log every tool invocation to stderr (SIEM-friendly JSON)

SECURITY_MAX_JCL_BYTES(num)

Maximum inline JCL size for submit_jcl