luisgf/infrabroker
by Various
Infrastructure access broker for AI agents — SSH & Kubernetes. Per-operation ephemeral credentials minted by a separate signer; the model never touches one. MCP stdio / HTTP+OIDC.
MCP
luisgf/infrabroker
Added 13 July 2026
Overview
Open-source infrastructure access broker that provides AI agents with ephemeral SSH and Kubernetes credentials. Credentials are minted per operation by a separate signer, keeping long-lived secrets away from the model. Integrates via MCP stdio or HTTP with OIDC.
Best for
Best for
Developers building AI agents that need secure, temporary access to infrastructure
Use cases
- Granting temporary SSH access to servers for automated tasks
- Providing short-lived Kubernetes credentials for AI-driven operations
- Enforcing least-privilege access with per-operation authentication
How to use
Install
infrabroker serve-mcp Tools exposed
ssh_executessh_session_openssh_session_execssh_session_closessh_list_serversssh_put_filessh_get_filek8s_getk8s_listk8s_logsk8s_applyk8s_deletek8s_list_clusters
Notes
Open-source infrastructure access broker that provides AI agents with ephemeral SSH and Kubernetes credentials. Credentials are minted per operation by a separate signer, keeping long-lived secrets away from the model. Integrates via MCP stdio or HTTP with OIDC.
5 stars on GitHub. Last updated 2026-07-13. Licensed GPL-3.0.
Use cases
- Granting temporary SSH access to servers for automated tasks
- Providing short-lived Kubernetes credentials for AI-driven operations
- Enforcing least-privilege access with per-operation authentication
Pros
- Ephemeral credentials reduce the blast radius of a compromise
- Separate signer ensures the model never touches long-lived secrets
- Supports both SSH and Kubernetes access out of the box
Cons
- Very new project with few stars and limited community support
- Requires setting up and maintaining a separate signer service
- Lacks proven production track record due to early stage
Indexed from awesome-mcp-servers-punkpeye and enriched against its public facts.
Pros
- Ephemeral credentials reduce the blast radius of a compromise
- Separate signer ensures the model never touches long-lived secrets
- Supports both SSH and Kubernetes access out of the box
Cons
- Very new project with few stars and limited community support
- Requires setting up and maintaining a separate signer service
- Lacks proven production track record due to early stage
Pairs with
Other entries in the index that connect to this one. Click through to see the chain.
Get the free Developer’s Field Guide
A 27-page field guide to the AI coding workflow with Claude. Claude Code, MCP servers, the prompt patterns that work, and what to delegate. Free.
Enter your work email. We send it straight over, plus a few short notes worth knowing. Unsubscribe any time.