awslabs.eks-mcp-server

v0.1.31 suspicious
5.0
Medium Risk

An AWS Labs Model Context Protocol (MCP) server for EKS

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits signs of both legitimate functionality and potential risks, particularly concerning credential handling and obfuscated code, which require closer scrutiny.

  • High credential risk due to direct access to AWS credentials
  • Moderate obfuscation risk suggesting hidden code logic

Per-check LLM notes
  • Network: Detected network call suggests the package may be communicating with an external API, which could be legitimate if the package is designed to interact with AWS services, but requires further investigation to confirm its purpose and destination.
  • Shell: No shell execution patterns detected, indicating low risk of direct system command execution.
  • Obfuscation: The base64 decoding and dynamic import patterns suggest an attempt to hide code logic, which could be used for malicious purposes but may also serve legitimate needs like protecting API keys or other sensitive data.
  • Credentials: Direct access to environment variables holding AWS credentials indicates potential risk of unauthorized access, especially if proper security measures like IAM roles are not enforced.
  • Metadata: The presence of a non-HTTPS external link is suspicious but not conclusive. The maintainer's history suggests they are associated with Amazon Web Services and do not appear to be typosquatting.

📦 Package Quality Overall: Medium (6.6/10)

✦ High Test Suite 9.0

Test suite present — 16 test file(s) found

  • Test runner config found: pyproject.toml
  • 16 test file(s) detected (e.g. test_aws_helper.py)

◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "docs" -> https://awslabs.github.io/mcp/servers/eks-mcp-server/
  • Detailed PyPI description (33723 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 57 type-annotated function signatures detected in source

✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 42 unique contributor(s) across 100 commits in awslabs/mcp
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • try: response = requests.post( API_ENDPOINT, json={'questi

Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

  • ca_cert_data = base64.b64decode(ca_data) ca_cert_file.write(ca_cert_data
  • amespace packages. __path__ = __import__('pkgutil').extend_path(__path__, __name__) # Copyright Amazon.com, In
  • lambda name, *args, **kwargs: __import__(name, *args, **kwargs) if name != 'kubernetes' else exec('

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting score 5.0

Found 2 credential access pattern(s)

  • ent if set.""" return os.environ.get('AWS_REGION') @staticmethod def get_aws_profile() -> Opt
  • ent if set.""" return os.environ.get('AWS_PROFILE') @classmethod def create_boto3_client(cls,

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: users.noreply.github.com

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://proxy.example.com:8080

Git Repository History

Repository awslabs/mcp appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Amazon Web Services" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with awslabs.eks-mcp-server
Develop a Python-based mini-application that acts as a Model Context Protocol (MCP) client for Amazon Elastic Kubernetes Service (EKS), utilizing the 'awslabs.eks-mcp-server' package. This application will serve as a bridge between your local development environment and remote EKS clusters, allowing you to manage model contexts more efficiently. Your task is to create a command-line interface (CLI) tool that enables users to perform the following actions:

1. List all available model contexts within a specified EKS cluster.
2. Create new model contexts by providing necessary configurations such as context name, namespace, and initial data payload.
3. Update existing model contexts with new data payloads.
4. Delete model contexts when they are no longer needed.
5. Retrieve detailed information about a specific model context including its metadata and current data payload.

To achieve these functionalities, you will need to interact with the 'awslabs.eks-mcp-server' package, which provides the necessary APIs to communicate with the MCP server running on your EKS cluster. Ensure that your application handles errors gracefully and provides informative feedback to the user. Additionally, implement basic authentication mechanisms to secure the communication between the client and the server.

Your final deliverable should include a well-documented Python script, a set of test cases to validate each feature, and a README file explaining how to install dependencies, run the application, and use it effectively.
