{"id":28664654,"url":"https://github.com/stacklok/toolhive","last_synced_at":"2026-04-28T13:07:26.492Z","repository":{"id":286963823,"uuid":"947349598","full_name":"stacklok/toolhive","owner":"stacklok","description":"ToolHive is an enterprise-grade platform for running and managing Model Context Protocol (MCP) servers.","archived":false,"fork":false,"pushed_at":"2026-04-01T09:45:57.000Z","size":96823,"stargazers_count":1694,"open_issues_count":251,"forks_count":197,"subscribers_count":15,"default_branch":"main","last_synced_at":"2026-04-01T09:46:33.039Z","etag":null,"topics":["ai","ai-security","aicodeassistant","golang","kubernetes","mcp","mcp-security","mcp-servers","mcp-tools","model-context-protocol","security"],"latest_commit_sha":null,"homepage":"https://stacklok.com/download/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stacklok.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":"MAINTAINERS.md","copyright":null,"agents":null,"dco":"dco.md","cla":null}},"created_at":"2025-03-12T14:49:15.000Z","updated_at":"2026-04-01T09:45:15.000Z","dependencies_parsed_at":"2025-05-23T11:17:56.930Z","dependency_job_id":"dc4dcbfa-6f4d-4375-89d7-808a580a101d","html_url":"https://github.com/stacklok/toolhive","commit_stats":null,"previous_names":["stackloklabs/toolhive","stacklok/toolhive"],"tags_count":314,"template":false,"template_full_name":null,"purl":"pkg:github/stacklok/toolhive","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stacklok%2Ftoolhive","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stacklok%2Ftoolhive/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stacklok%2Ftoolhive/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stacklok%2Ftoolhive/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stacklok","download_url":"https://codeload.github.com/stacklok/toolhive/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stacklok%2Ftoolhive/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31305971,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T09:48:21.550Z","status":"ssl_error","status_checked_at":"2026-04-02T09:48:19.196Z","response_time":89,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","ai-security","aicodeassistant","golang","kubernetes","mcp","mcp-security","mcp-servers","mcp-tools","model-context-protocol","security"],"created_at":"2025-06-13T13:01:58.469Z","updated_at":"2026-04-28T13:07:26.486Z","avatar_url":"https://github.com/stacklok.png","language":"Go","funding_links":[],"categories":["Aggregators \u0026 Gateways","Related","Text","[↑](#table-of-contents)Tools \u003ca name=\"tools\"\u003e\u003c/a\u003e","πŸ“š Projects (1974 total)","βš™οΈ Natural Language to Code Tools","MCP Servers","Model Context Protocol (MCP)","Go","Cloud Services","πŸ—οΈ Infrastructure, Utils \u0026 Orchestration","Containerised MCP Servers","Identity, signing and provenance","MCP Servers \u0026 Protocol","AI \u0026 ML (20)"],"sub_categories":["Gateways \u0026 Proxies","Integration Resources","Developer tools","Agent Tooling and MCP Security","MCP Servers","Cloud \u0026 DevOps","πŸ›‘οΈ Security Operations (Blue/Purple)","DevOps \u0026 Infrastructure","Supply chain beyond libraries"],"readme":"\u003cpicture\u003e\n \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/images/toolhive-byline-white.svg\"\u003e\n \u003cimg src=\"docs/images/toolhive-byline-black.svg\" alt=\"ToolHive logo\" width=\"500\"/\u003e\n\u003c/picture\u003e\n\n\u003cbr\u003e\n\n# The open source MCP platform trusted by developers and enterprises\n\n[![Release][release-img]][release] [![Build status][ci-img]][ci]\n[![Coverage Status][coveralls-img]][coveralls]\n[![License: Apache 2.0][license-img]][license]\n[![Star on GitHub][stars-img]][stars] [![Discord][discord-img]][discord]\n\n## Run any MCP server securely, instantly, anywhere.\n\nToolHive runs every MCP server in an isolated container, enforces identity and access policy per request, and gives platform teams the observability they need to put MCP in production.\n\n## Why ToolHive?\n\nHere are some of the more common use cases for ToolHive:\n\n\u003ctable\u003e\n \u003ctr valign=\"top\"\u003e\n \u003ctd\u003e\u003cstrong\u003eDevelopers.\u003c/strong\u003e Run MCP servers with more security and more (token) savings\u003c/td\u003e\n \u003ctd\u003e\u003cstrong\u003ePlatform Engineers.\u003c/strong\u003e Run MCP on your existing Kubernetes infrastructure\u003c/td\u003e\n \u003ctd\u003e\u003cstrong\u003eEnterprises.\u003c/strong\u003e Self-host MCP servers and stay in control of your data\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr valign=\"top\"\u003e\n \u003ctd\u003eConnect Claude Code, Cursor, GitHub Copilot, or your preferred client to MCP servers with a single click or command.\u003cbr\u003e\u003cbr\u003e\n ToolHive wraps every MCP server in an isolated container with a minimal permission file (no local credentials) and uses semantic tool search to reduce your token usage by up to 85%.\u003c/td\u003e\n \u003ctd\u003ePut an end to shadow MCP use by your developers, and give your security team the audit logs and identity enforcement they require.\u003cbr\u003e\u003cbr\u003e\n ToolHive includes a Kubernetes operator, so you can declare policies, integrate with your IdP and observability stack, emit OTel traces, and more … all with familiar tools and patterns.\u003c/td\u003e\n \u003ctd\u003eMost MCP solutions are SaaS, but your compliance requirements prohibit sensitive info from being processed by SaaS providers.\u003cbr\u003e\u003cbr\u003e\n ToolHive is the exception that allows you to self-host your MCP registry, gateway, etc. You can pilot the entire platform, and when you’re ready to scale, Stacklok’s got the added capabilities and expert team ready!\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr valign=\"top\"\u003e\n \u003ctd\u003e\u003ca href=\"https://stacklok.com/download/\"\u003eDownload ToolHive and get started\u003c/a\u003e\u003c/td\u003e\n \u003ctd\u003e\u003ca href=\"https://docs.stacklok.com/toolhive/guides-k8s/\"\u003eExplore the Kubernetes operator in our docs\u003c/a\u003e\u003cbr\u003e\u003cbr\u003e\u003ca href=\"https://stacklok.com/resources/how-to-run-ai-agents-on-kubernetes\"\u003eRead more about running MCP on Kubernetes\u003c/a\u003e\u003c/td\u003e\n \u003ctd\u003e\u003ca href=\"https://stacklok.com/platform/\"\u003eLearn more about Stacklok’s platform\u003c/a\u003e\u003cbr\u003e\u003cbr\u003e\u003ca href=\"https://docs.stacklok.com/toolhive/enterprise\"\u003eCompare open source ToolHive and Stacklok Enterprise\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\n\u003cpicture\u003e\n \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/images/toolhive-diagram-dark.svg\"\u003e\n \u003cimg src=\"docs/images/toolhive-diagram-light.svg\" alt=\"ToolHive diagram\" width=\"800\" style=\"padding: 20px 0\" /\u003e\n\u003c/picture\u003e\n\n## Quick links\n\n- πŸ“₯ [Downloads](https://stacklok.com/download/)\n- πŸ“š [Documentation](https://docs.stacklok.com/toolhive/)\n- πŸš€ Quickstart guides:\n - [Desktop app](https://docs.stacklok.com/toolhive/guides-ui/quickstart)\n - [CLI](https://docs.stacklok.com/toolhive/guides-cli/quickstart)\n - [Kubernetes Operator](https://docs.stacklok.com/toolhive/guides-k8s/quickstart)\n- πŸ’¬ [Discord](https://discord.gg/stacklok)\n- 🀝 [Contributing](#contributing)\n- \u003cimg src=\"docs/images/stacklok-favicon.svg\" width=\"20\" height=\"20\" style=\"vertical-align: middle\" /\u003e [Stacklok Enterprise](https://docs.stacklok.com/toolhive/enterprise)\n\n---\n\n## Core capabilities\n\n**ToolHive architecture: Gateway, Registry Server, Runtime, and Portal**\n\nToolHive is built on a [modular architecture](./docs/arch/README.md) to streamline secure MCP server management and integration. Here's how the main components work.\n\n### πŸ”Œ Gateway\n\nDefine dedicated endpoints from which your teams can securely and efficiently access tools.\n\n- Orchestrate multiple tools into a virtual MCP with a deterministic workflow engine\n- Define access policies and network endpoints\n- Centralize control of security policy, authentication, authorization, auditing, etc.\n- Integrate with your IdP for SSO (OIDC/OAuth compatible)\n- Customize and filter tools and descriptions to improve performance and reduce token usage\n- Connect with local clients like Claude Desktop, Cursor, VS Code, and VS Code Server\n\n### πŸ“¦ [Registry Server](https://github.com/stacklok/toolhive-registry-server)\n\nCurate a catalog of trusted servers your teams can quickly discover and deploy.\n\n- Integrate with the official MCP registry\n- Add custom MCP servers\n- Group servers based on role or use case\n- Manage your registry with an API-driven interface (or embed in existing workflows for seamless integration and governance)\n- Verify provenance and sign servers with built-in security controls\n- Preset configurations and permissions for a frictionless user experience\n\n### βš™οΈ Runtime\n\nDeploy, run, and manage MCP servers locally or in a Kubernetes cluster with security guardrails.\n\n- Deploy MCP servers in the cloud via Kubernetes for enterprise scalability\n- Run MCP servers locally via Docker or Podman\n- Proxy remote MCP servers securely for unified management\n- Kubernetes Operator for fleet and resource management\n- Leverage OpenTelemetry and Prometheus for monitoring and audit logging\n\n### πŸ’» Portal\n\nSimplify MCP adoption for developers and knowledge workers across your enterprise\n\n- Cross-platform [desktop app](https://github.com/stacklok/toolhive-studio) and browser-based [cloud UI](https://github.com/stacklok/toolhive-cloud-ui)\n- Make it easy for admins to curate MCP servers and tools\n- Automate server discovery\n- Install MCP servers with a single click\n- Compatible with hundreds of AI clients\n\n### How it works together\n\n1. **Admins** curate and organize MCP servers in the **Registry**, configuring access and policies.\n2. **Users** discover and request MCP servers from the **Portal**, and ToolHive orchestrates installation and access.\n3. **Runtime** securely deploys and manages MCP servers across local and cloud environments, integrating seamlessly with existing SDLC workflows, exporting analytics, and enforcing fine-grained access control.\n4. **Gateway** handles all inbound traffic, secures context and credentials, optimizes tool selection, and applies organizational policies.\n\n---\n\n## Flexible deployment\n\n### Desktop experience\n\nIndividual developers can get started in minutes with the desktop UI or CLI, then apply the same concepts in enterprise environments.\n\n**Key features:**\n\n- Run any MCP server from a container image, or build one dynamically from common package managers\n- Manage encrypted secrets and control network isolation with simple, local tooling\n- Test and validate MCP servers using built-in tools like the official MCP Inspector\n- Optimize token usage and tool execution with the MCP Optimizer\n\n**Get started with the UI:** [Quickstart](https://docs.stacklok.com/toolhive/guides-ui/quickstart), [How-to guides](https://docs.stacklok.com/toolhive/guides-ui/) \n**Get started with the CLI:** [Quickstart](https://docs.stacklok.com/toolhive/guides-cli/quickstart), [How-to guides](https://docs.stacklok.com/toolhive/guides-cli/), [Command reference](https://docs.stacklok.com/toolhive/reference/cli/thv)\n\n[**MCP guides**](https://docs.stacklok.com/toolhive/guides-mcp): learn how to run common MCP servers with ToolHive\n\n### Kubernetes Operator\n\nTeams and organizations manage MCP servers and registries centrally using familiar Kubernetes workflows.\n\n**Key features:**\n\n- Custom Resource Definitions for MCP servers, registries, and other ToolHive components\n- Secure execution with container-based isolation and multi-namespace support\n- Automated service creation and discovery, with ingress integration for secure access\n- Enterprise-grade security and observability: OIDC/OAuth SSO, secure token exchange, audit logging, OpenTelemetry, and Prometheus metrics\n- Hybrid registry server: curate from upstream registries, dynamically register local MCP servers, or proxy trusted remote services\n\n**Get started:** [Quickstart](https://docs.stacklok.com/toolhive/guides-k8s/quickstart), [How-to guides](https://docs.stacklok.com/toolhive/guides-k8s/), [CRD reference](https://docs.stacklok.com/toolhive/reference/crd-spec), [Example manifests](./examples/operator/)\n\n### Hybrid\n\nToolHive's complete solution for teams and enterprises supports MCP servers across all environments: on developer machines, inside your Kubernetes clusters, or hosted externally by trusted SaaS providers.\n\nEnd users access approved MCP servers through a secure, browser-based cloud UI. Developers can also connect using the ToolHive CLI or desktop UI for advanced integration and testing workflows.\n\nEnterprise teams can also leverage ToolHive to integrate MCP servers into custom internal tools, agentic workflows, or chat-based interfaces, using the same runtime and access controls.\n\n\u003cpicture\u003e\n \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/images/toolhive-platform-dark.svg\"\u003e\n \u003cimg src=\"docs/images/toolhive-platform-light.svg\" alt=\"ToolHive platform diagram\" width=\"800\" style=\"padding: 20px 0\" /\u003e\n\u003c/picture\u003e\n\n---\n\n## Contributing\n\nWe welcome contributions and feedback from the community!\n\n- πŸ› [Report issues](https://github.com/stacklok/toolhive/issues)\n- πŸ’¬ [Join our Discord](https://discord.gg/stacklok)\n\nIf you have ideas, suggestions, or want to get involved, check out our contributing guide or open an issue. Join us in making ToolHive even better!\n\n\u003ctable\u003e\u003ctr\u003e\u003ctd\u003e\n\nContribute to the CLI, API, and Kubernetes Operator (this repo):\n\n- 🀝 [Contributing guide](./CONTRIBUTING.md)\n- πŸ“– [Developer guides](./docs/README.md)\n- πŸ“ [Architecture documentation](./docs/arch/README.md)\n\nContribute to the UI, registry, and docs:\n\n- πŸ’» [Desktop UI repository](https://github.com/stacklok/toolhive-studio)\n- ☁️ [Cloud UI repository](https://github.com/stacklok/toolhive-cloud-ui)\n- πŸ“¦ [ToolHive registry server repository](https://github.com/stacklok/toolhive-registry-server)\n- πŸ› οΈ [ToolHive's built-in registry](https://github.com/stacklok/toolhive-catalog)\n- πŸ“š [Documentation repository](https://github.com/stacklok/docs-website)\n\n\u003c/td\u003e\n\u003ctd\u003e\n\n\u003cpicture\u003e\n \u003cimg src=\"docs/images/toolhive-mascot.png\" alt=\"ToolHive mascot\" width=\"250\" align=\"middle\"/\u003e\n\u003c/picture\u003e\n\n\u003c/td\u003e\u003c/tr\u003e\u003c/table\u003e\n\n---\n\n## License\n\nThis project is licensed under the [Apache 2.0 License](./LICENSE).\n\n\u003c!-- Badge links --\u003e\n\u003c!-- prettier-ignore-start --\u003e\n[release-img]: https://img.shields.io/github/v/release/stacklok/toolhive?style=flat\u0026label=Latest%20version\n[release]: https://github.com/stacklok/toolhive/releases/latest\n[ci-img]: https://img.shields.io/github/actions/workflow/status/stacklok/toolhive/run-on-main.yml?style=flat\u0026logo=github\u0026label=Build\n[ci]: https://github.com/stacklok/toolhive/actions/workflows/run-on-main.yml\n[coveralls-img]: https://coveralls.io/repos/github/stacklok/toolhive/badge.svg?branch=main\n[coveralls]: https://coveralls.io/github/stacklok/toolhive?branch=main\n[license-img]: https://img.shields.io/badge/License-Apache2.0-blue.svg?style=flat\n[license]: https://opensource.org/licenses/Apache-2.0\n[stars-img]: https://img.shields.io/github/stars/stacklok/toolhive.svg?style=flat\u0026logo=github\u0026label=Stars\n[stars]: https://github.com/stacklok/toolhive\n[discord-img]: https://img.shields.io/discord/1184987096302239844?style=flat\u0026logo=discord\u0026logoColor=white\u0026label=Discord\n[discord]: https://discord.gg/stacklok\n\u003c!-- prettier-ignore-end --\u003e\n\n\u003c!-- markdownlint-disable-file first-line-heading no-inline-html no-emphasis-as-heading --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstacklok%2Ftoolhive","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstacklok%2Ftoolhive","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstacklok%2Ftoolhive/lists"}