eBPF MCP
A secure MCP server for eBPF, designed for AI integration, kernel introspection, and automation.
ebpf-mcp: AI-Compatible eBPF Control via Model Context Protocol
A secure, minimal, and schema-enforced MCP server for eBPF, purpose-built for AI integration, kernel introspection, and automation.
What Is This?
ebpf-mcp is a secure Model Context Protocol (MCP) server that exposes a minimal set of structured tools to interact with eBPF, optimized for safe AI control, automation agents, and human operators.
It enables loading, attaching, introspecting, and streaming eBPF programs, all through strict JSON Schema contracts validated at runtime. No REST APIs, no shell escapes, and no bpftool wrappers.
Quick Start
One-liner Installation
```bash
# Install ebpf-mcp server
curl -fsSL https://raw.githubusercontent.com/sameehj/ebpf-mcp/main/install.sh | sudo bash

# Start the service (runs on port 8080 by default)
sudo systemctl start ebpf-mcp
sudo systemctl enable ebpf-mcp

# Get your auth token
cat /etc/ebpf-mcp-token

# Check service status
sudo systemctl status ebpf-mcp

# View logs if needed
sudo journalctl -u ebpf-mcp -f
```
For air-gapped or development environments:
```bash
git clone https://github.com/sameehj/ebpf-mcp.git
cd ebpf-mcp
sudo ./install.sh v1.0.2
```
Test the Installation
```bash
# Run the complete test suite
cd scripts/
chmod +x test-ebpf-mcp-server.sh
./test-ebpf-mcp-server.sh <your-token>
```
If no token is provided, the script will prompt for it interactively.
Claude CLI Integration
Once installed, connect Claude to your eBPF server (runs on port 8080):
```bash
# Add MCP server to Claude CLI
claude mcp add ebpf http://localhost:8080/mcp \
  -t http \
  -H "Authorization: Bearer $(cat /etc/ebpf-mcp-token)"

# Start Claude with eBPF tools
claude --debug

# Optional: Test with MCP Inspector (requires Node.js)
npx @modelcontextprotocol/inspector http://localhost:8080/mcp
```
Tutorials
Looking to get started in specific environments or with Cursor IDE?
VirtualBox Setup Guide
Learn how to configure and run ebpf-mcp inside a VirtualBox VM, with port forwarding, SSH access, and practical tips.
Cursor IDE + eBPF-MCP Integration
Step-by-step guide for running the eBPF MCP server with Cursor IDE for AI-driven observability.
Example prompts:
> Get system info and kernel version
> Load and attach a kprobe program to monitor sys_execve
> Show me all active eBPF programs and their types
> Stream events from ringbuffer maps for 10 seconds
> Trace kernel errors for the next 5 seconds
Install Options
| Method | Command | Use Case |
|---|---|---|
| One-liner | `curl ... \| sudo bash` | Production systems |
| Manual | git clone && sudo ./install.sh | Development/air-gapped |
| Build from source | make build | Custom modifications |
| Docker | Coming soon | Containerized environments |
Minimal Toolset
Each tool is designed to be schema-validatable, AI-orchestrable, and safe-by-default. They cover 80%+ of real-world observability and control workflows.
| Tool Name | Status | Description | Capabilities Required |
|---|---|---|---|
| `info` | ✅ | System introspection: kernel, arch, BTF | CAP_BPF or none (read-only) |
| `load_program` | ✅ | Load and validate .o files (CO-RE supported) | CAP_BPF or CAP_SYS_ADMIN |
| `attach_program` | ✅ | Attach program to XDP, kprobe, tracepoint hooks | Depends on type (e.g. CAP_NET_ADMIN for XDP) |
| `inspect_state` | ✅ | List programs, maps, links, and tool metadata | CAP_BPF (read-only) |
| `stream_events` | ✅ | Stream events from ringbuf/perfbuf maps | CAP_BPF (read-only) |
| `trace_errors` | ✅ | Monitor kernel tracepoints for error conditions | CAP_BPF (read-only) |
All tools return structured JSON output: AI-ready, streaming-compatible, and schema-validated.
See docs/TOOL_SPECS.md for full schema definitions.
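A preflight check for the capability column above, written for this page as an added example (not code from the ebpf-mcp project): it decodes the `CapEff` mask from `/proc/<pid>/status` and reports which tools a process holding those capabilities could use. The status text is a constructed sample, `attach_program` is modelled for the XDP case only, CAP_SYS_ADMIN is assumed to satisfy CAP_BPF as it does in the kernel's BPF permission check, and the names `toolNeeds`, `effectiveCaps` and `usableTools` are chosen here.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

const capNetAdmin, capSysAdmin, capBPF = 12, 21, 39 // bit numbers, linux/capability.h
// toolNeeds mirrors the table above (any one listed capability suffices; empty = none).
// Assumptions: CAP_SYS_ADMIN also satisfies CAP_BPF; attach_program is the XDP case only.
var toolNeeds = map[string][]uint{
	"info":           {},
	"load_program":   {capBPF, capSysAdmin},
	"attach_program": {capNetAdmin},
	"inspect_state":  {capBPF, capSysAdmin},
	"stream_events":  {capBPF, capSysAdmin},
	"trace_errors":   {capBPF, capSysAdmin},
}

// sampleStatus: constructed /proc/<pid>/status excerpt, only CAP_BPF (bit 39) set.
const sampleStatus = "Name:\tebpf-mcp\nCapEff:\t0000008000000000\n"

// effectiveCaps extracts the CapEff bitmask from /proc/<pid>/status text.
func effectiveCaps(status string) (uint64, error) {
	for _, line := range strings.Split(status, "\n") {
		if strings.HasPrefix(line, "CapEff:") {
			return strconv.ParseUint(strings.TrimSpace(line[len("CapEff:"):]), 16, 64)
		}
	}
	return 0, fmt.Errorf("no CapEff line in status text")
}

// usableTools reports, per tool, whether the mask meets the requirement.
func usableTools(mask uint64) map[string]bool {
	out := map[string]bool{}
	for tool, anyOf := range toolNeeds {
		out[tool] = len(anyOf) == 0
		for _, bit := range anyOf {
			out[tool] = out[tool] || mask&(uint64(1)<<bit) != 0
		}
	}
	return out
}

func main() {
	mask, err := effectiveCaps(sampleStatus)
	fmt.Println(usableTools(mask), err)
}
```

To check a running service, pass the contents of `/proc/<pid>/status` for its main process to `effectiveCaps` in place of the sample.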
What You Can Do
- Query kernel version, architecture, and BTF availability
- Load programs from disk or inline base64 with optional BTF
- Attach to live systems with type-safe constraints
- Inspect pinned objects, kernel version, verifier state
- Stream real-time events with filtering by pid/comm/cpu
- Trace kernel errors and system anomalies
- Discover available tools and their schemas
- Integrate with Claude, Ollama, or MCP-compatible clients
Security Model
| Layer | Controls |
|---|---|
| eBPF execution | Kernel verifier + resource caps |
| Filesystem | No shell, no exec, path-validated |
| Runtime isolation | Session-scoped cleanup, strict inputs |
| AI safety | Capability-aware schemas + output limits |
| Authentication | Bearer token + HTTPS ready |
All resources are automatically cleaned up when a client disconnects (no manual unload/detach required unless pinned).
Project Structure
```
.
├── cmd/        # MCP server + CLI client
├── internal/   # Core logic: eBPF, tools, kernel adapters
├── pkg/types/  # JSON schema bindings + shared types
├── docs/       # Tool specs, design notes, schemas
├── scripts/    # Install script + test suite
└── schemas/    # JSON Schema files for each tool
```
Advanced Design Notes
Lifecycle Management
- No manual detach: Links are closed automatically unless pinned
- Auto cleanup: FDs and memory are released on disconnect
- Pinning: Optional pin paths (/sys/fs/bpf/...) for maps/programs/links
AI Tooling Compatibility
- All tools are strictly typed with published schemas and return structured JSON output
- AI-ready: No parsing required; direct integration with language models
- Streaming-compatible: Real-time data flows for observability workflows
- Responses include:
  - `tool_version`
  - `verifier_log` (for debugging)
  - Structured `error` with `context`
Extensibility
Future optional tools:
- `pin_object` / `unpin_object`
- `detach_link`
- `map_batch_op`
These are omitted from the default for security and simplicity.
See scripts/test-ebpf-mcp-server.sh for full validation suite.
Basic Architecture:
```
Claude / Ollama / AI Client
            ↓
      MCP JSON-RPC
            ↓
     ebpf-mcp server
            ↓
       Kernel APIs
```
Licensing
| Component | License |
|---|---|
| `internal/ebpf/` | GPL-2.0 |
| Everything else | Apache-2.0 |
Contact
GitHub: sameehj/ebpf-mcp
Contributions, issues, and PRs welcome!
Structured. Safe. Schema-native.
ebpf-mcp brings eBPF to the age of AI.