Skip to main content
hc
Submit
3 compared

CI/CD MCP servers compared

CI/CD and delivery MCP servers that let Claude manage pipelines and deployments, compared on trust, setup, and safety.

Open in the interactive comparison tool
FieldCircleCI MCP Server

Official CircleCI MCP server that lets LLMs query build and test failures, detect flaky tests, check pipeline status, fetch build logs, and validate config in CircleCI through natural language.

Open dossier 		Azure DevOps MCP Server for Claude

Official Microsoft Azure DevOps MCP server for querying work items, pull requests, repositories, pipelines, wikis, test plans, and project metadata through remote HTTP or local stdio transports.

Open dossier 		Argo CD MCP Server

Argo Project Labs MCP server for connecting Claude to Argo CD applications, clusters, managed resources, workload logs, events, sync operations, and resource actions through stdio or HTTP stream transports.

Open dossier
Trust
Install riskReview firstReview firstReview first
Notes Safety Privacy Safety Privacy Safety Privacy
Categorymcpmcpmcp
Sourcesource-backedsource-backedsource-backed
AuthorCircleCI-PublicMicrosoftArgo Project Labs
Added2026-06-112026-06-032026-06-06
Platforms
Claude CodeClaude Desktop
Claude CodeClaude Desktop
Claude CodeClaude Desktop
Source repo
Safety notesThe server runs locally via npx and is spawned by your MCP client; the published bin entrypoint is dist/index.js. Several tools take write/execution actions on your CI — run_pipeline, rerun_workflow, and run_rollback_pipeline can trigger pipelines, re-run workflows, and roll back deployed component versions. Review tool calls before approving them. In remote (HTTP/SSE) mode the server listens on a network port (default 8000); set REQUIRE_REQUEST_TOKEN=true to reject unauthenticated requests and avoid exposing it on untrusted networks. MAX_MCP_OUTPUT_LENGTH (default 50000) bounds response size; large log/artifact pulls are truncated rather than streamed in full.Start with read-only mode for investigation. The remote server supports the `X-MCP-Readonly: true` header, and the local server supports domain filtering so agents only load the Azure DevOps areas they need. Azure DevOps write-capable tools can create or update work items, pull requests, pull request comments, branches, wiki pages, test plans, test suites, test cases, and pipeline runs. Keep manual approval on any operation that changes project state. Treat Azure DevOps PATs, Microsoft Entra tokens, Azure CLI sessions, and MCP configuration as sensitive credentials. Do not paste tokens into prompts, commit them to repositories, or share them in issue/PR threads. Use toolsets, domains, project defaults, and team defaults to keep the MCP surface narrow. Loading every repo, work item, wiki, pipeline, and test plan tool can confuse the model and expose more context than the task needs. The remote MCP server is in public preview. Preview behavior, available tools, supported clients, and authentication requirements can change before general availability.Argo CD MCP can inspect clusters, applications, resource trees, managed resources, workload logs, and resource events. By default all tools are available; setting MCP_READ_ONLY to true disables create_application, update_application, delete_application, sync_application, and run_resource_action. sync_application can apply changes to Kubernetes resources and may prune resources depending on options. delete_application can remove Argo CD applications and may cascade deletion to child resources depending on options. run_resource_action can trigger actions on resources managed by an application. Disabling TLS certificate validation with NODE_TLS_REJECT_UNAUTHORIZED weakens transport security and should be limited to reviewed development contexts.
Privacy notesCIRCLECI_TOKEN is a personal API token that grants the LLM access to your CircleCI projects, build logs, test results, artifacts, and usage data — treat it as a secret and scope it appropriately. Build failure logs, test output, and artifacts retrieved by the tools are passed to your LLM/model provider; avoid exposing pipelines containing sensitive secrets or data. download_usage_api_data and find_underused_resource_classes surface organization-level CircleCI usage and resource metrics. Telemetry is collected by default; set DISABLE_TELEMETRY=true to opt out.Tool results can expose organization names, project names, teams, iteration data, capacity information, work item titles and fields, comments, attachments, pull request discussions, repository file content, branch names, commit metadata, pipeline logs, build artifacts, wiki pages, test plans, and search results. Work item comments, PR threads, pipeline logs, wiki pages, and attachments often contain customer data, production incident details, credentials, internal URLs, unreleased roadmap information, employee names, or security findings. MCP client logs, AI transcripts, generated code comments, local terminal history, and downstream ticket summaries can retain Azure DevOps content outside the original Azure DevOps audit, permission, and retention model. Microsoft Entra authentication exposes the user's organizational identity to the MCP client and constrains access to the authenticated user's Azure DevOps permissions.Argo CD application specs, cluster names, repository URLs, revisions, namespaces, Kubernetes manifests, resource events, and workload logs can reveal secrets, internal topology, deployment history, incident details, or customer data. ARGOCD_BASE_URL, ARGOCD_API_TOKEN, stateless HTTP request headers, cluster names, namespace names, and application names should stay out of prompts, issues, logs, screenshots, and committed files. Workload logs and resource events may include credentials, tokens, environment variables, error traces, or production incident context. HTTP transport should be authenticated and network-restricted so Argo CD tools are not reachable by untrusted clients.
Prerequisites
  • Node.js >= 18.0.0
  • A CircleCI Personal API token from https://app.circleci.com/settings/user/tokens
  • An MCP-compatible client (Cursor, VS Code, Claude Desktop, Windsurf, Copilot, or similar)
  • CircleCI projects you follow / have access to with the supplied token
  • Azure DevOps organization and project membership for the resources Claude should access
  • Microsoft Entra ID connected Azure DevOps organization for the remote MCP server
  • Visual Studio Code or Visual Studio for the Microsoft-supported remote MCP preview path
  • Node.js 20 or later and npx for the optional local `@azure-devops/mcp` stdio server
  • Node.js 18 or newer.
  • Argo CD instance with API access.
  • Argo CD API token scoped to the minimum applications, projects, clusters, and actions Claude should use.
  • Read-only mode enabled unless the workflow explicitly needs application or resource mutations.
Install
npx -y @circleci/mcp-server-circleci@latest
claude mcp add azure-devops -- npx -y @azure-devops/mcp YOUR_AZURE_DEVOPS_ORG
npx argocd-mcp@latest stdio
Config
{
  "mcpServers": {
    "circleci-mcp-server": {
      "command": "npx",
      "args": ["-y", "@circleci/mcp-server-circleci@latest"],
      "env": {
        "CIRCLECI_TOKEN": "your-circleci-token",
        "CIRCLECI_BASE_URL": "https://circleci.com"
      }
    }
  }
}

Manual-only setup:
{
  "servers": {
    "ado-remote-mcp": {
      "url": "https://mcp.dev.azure.com/YOUR_AZURE_DEVOPS_ORG",
      "type": "http",
      "headers": {
        "X-MCP-Toolsets": "repos,wiki,wit",
        "X-MCP-Readonly": "true"
      }
    }
  },
  "inputs": []
}
{
  "mcpServers": {
    "argocd-mcp": {
      "command": "npx",
      "args": ["argocd-mcp@latest", "stdio"],
      "env": {
        "ARGOCD_BASE_URL": "<argocd-url>",
        "ARGOCD_API_TOKEN": "<argocd-token>",
        "MCP_READ_ONLY": "true"
      }
    }
  }
}
Citations
ClaimUnclaimedUnclaimedUnclaimed
More comparisons, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.