io.github.OrygnsCode

opa-mcp

OPA MCP

Author, validate, debug, and explain OPA Rego policies through any MCP-compatible client.

stdiocommunityapplication

Package Details

@orygn/opa-mcp

0.2.0https://www.npmjs.com/package/@orygn/opa-mcp
Transportstdio
Runtimenpx

Environment Variables

OPA_URL
Default:http://localhost:8181

Base URL of a running OPA server. Required only for opa_* runtime tools, not for rego_* language tools.

OPA_TOKEN
Secret

Bearer token for OPA running with --authentication=token.

OPA_BINARY
Default:opa

Path to the opa binary. Defaults to 'opa' on PATH.

REGAL_BINARY
Default:regal

Path to the regal binary (optional, used by rego_lint). Defaults to 'regal' on PATH.

CONFTEST_BINARY
Default:conftest

Path to the conftest binary (optional, used by conftest_* tools). Defaults to 'conftest' on PATH.

OPA_MCP_ALLOWED_PATHS

Comma-separated list of root directories tools may read/write. When unset, file-based tools refuse to access the disk.

GITHUB_TOKEN
Secret

GitHub personal access token with the "gist" scope. Required only for rego_playground_share.

docker.io/orygn/opa-mcp:0.2.0

https://hub.docker.com/r/orygn/opa-mcp
Transportstdio

Environment Variables

OPA_URL
Default:http://host.docker.internal:8181

Base URL of a running OPA server.

OPA_TOKEN
Secret

Bearer token for OPA authentication.

GITHUB_TOKEN
Secret

GitHub personal access token with the "gist" scope. Required only for rego_playground_share.