suckless-mcp is a RUST MCP gateway that runs behind Caddy and turns your agentic CLI scripts into MCP tools. One binary, two config files, and a dir of cli skills. No framework, no bloat.
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"suckless-mcp": {
"command": "<see-readme>",
"args": []
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
The suckless MCP gateway. Turn any CLI tool into an MCP endpoint.
No automated test available for this server. Check the GitHub README for setup instructions.
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
No package registry to scan.
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in devops
MCP server for using the GitLab API
A Unified MCP Server Management App (MCP Manager).
MCP server for Komodo - manage Docker containers, servers, stacks, and deployments via AI
MCP-NixOS - Model Context Protocol Server for NixOS resources
MCP Security Weekly
Get CVE alerts and security updates for Suckless Mcp and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
The suckless MCP gateway. Turn any CLI tool into an MCP endpoint.
One binary. One config file. One key file. One dir of skills. Same --flags everywhere.
cargo install suckless-mcp
# Install with one command
curl -fsSL https://raw.githubusercontent.com/roverbird/suckless-mcp/main/install.sh -o install.sh
chmod +x install.sh
./install.sh
# Check status
suckless-mcp --status
The installer does everything:
/opt/skills/etc/suckless-mcp/config.toml with defaults/etc/suckless-mcp/keys.tomlsuckless system user# Copy binary
cp suckless-mcp /usr/local/bin/
# Create config
mkdir -p /etc/suckless-mcp
cat > /etc/suckless-mcp/config.toml << EOF
listen_host = "127.0.0.1"
listen_port = 8080
max_concurrent_tools = 5
EOF
# Add a skill
mkdir -p /opt/skills/weather
cat > /opt/skills/weather/skill.toml << EOF
name = "weather"
description = "Get weather forecast for a city"
public = false # true = no auth required
[runtime]
entrypoint = "weather.py"
timeout_secs = 30
[inputs.city]
type = "string"
flag = "--city"
required = true
description = "City name"
EOF
# Add your CLI tool
cp weather.py /opt/skills/weather/
# Add an API key
suckless-mcp --keys-add --id admin --key "your-secret-key"
# Run
suckless-mcp --serve
./install.sh --uninstall
suckless-mcp is a gateway that exposes your existing CLI tools as MCP endpoints.
skill.toml to understand your tool--flagsAI Agent → Caddy → suckless-mcp → your CLI tool (--flags)
← suckless-mcp ← JSON output
| Problem | Solution |
|---|---|
| MCP SDK requires rewriting tools | Keep your tools, add skill.toml |
| Need authentication | Built into gateway |
| Each tool needs its own server | One gateway, many tools |
| Setup complexity | One binary, two configs |
--flags and output JSONsuckless-mcp supports mixed auth on a single endpoint:
| Tool type | public flag | tools/list visibility | Can be called without auth |
|---|---|---|---|
| Public | true | Visible to everyone | ✓ Yes |
| Private | false (default) | Only visible to authenticated clients | ✗ No (returns 401) |
# Public tool example (weather data, public API)
name = "weather"
public = true
# Private tool example (database query)
name = "db_query"
public = false # or omit the field entirely
This gives you:
/mcp) for both public and private tools/opt/skills/weather/
├── skill.toml # Machine-readable manifest
└── weather.py # Your CLI tool
--flags only - no positional args, no shell string concatenation