Delv
Official (Vendor)Active· 9d4.3by CircleCI

CircleCI MCP

Official CircleCI MCP so agents can diagnose and fix build failures using pipeline, job, and log context.

View repo
A
Safety & Trust

Delv Safety Grade: A

Score 85/100 · assessed 2026-04-28

Maintainer92
Permissions75
Supply chain88
Transparency82
Incidents100

CircleCI's official MCP server provides read access to CI/CD pipeline data, job logs, and build metadata. The maintainer score is strong given CircleCI's established position as a major DevOps vendor with professional engineering practices. The server requires a CircleCI API token with read permissions, which grants access to potentially sensitive build logs, environment variables visible in logs, and project configuration details. Supply chain is solid via npm with standard npx installation, though dependency pinning and signing practices are standard rather than exceptional. Transparency is good with open source code and reasonable documentation, though changelog and security disclosure processes could be more prominent. The main risk surface is the API token scope: if the token has broad org access, it exposes all projects' logs and metadata. No known security incidents.

Lethal Trifecta (prompt-injection exposure)

TRIFECTA RISK
All three axes present. This server can read private data, ingest attacker-controlled content, and send data outbound. A poisoned input (a GitHub issue, an email, a webpage) can exfiltrate secrets via this chain. Only install with auditing; avoid on shared or cloud agents.
Private dataYes
Reads secrets, credentials, private files
Untrusted inputYes
Ingests web pages, PRs, issues, emails
External commsYes
Can send data outbound

Build logs include arbitrary script output (untrusted), build environments hold secrets (private), pipelines can call out (external). The CI surface is a sleeper trifecta.

Green flags

  • Official CircleCI vendor implementation with professional maintenance
  • Read-only API access, no write or trigger capabilities
  • Standard npm distribution via @circleci namespace
  • Open source repository under CircleCI-Public GitHub org
  • Scoped to CI/CD domain without filesystem or shell access

Red flags

  • API token may grant access to sensitive build logs across entire org
  • Build logs often contain secrets, credentials, or internal infrastructure details
  • No explicit documentation on minimal token scopes or least-privilege setup

Permissions requested

Outbound networkAccess secretsRepo read
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

Install

npx -y @circleci/mcp-server-circleci@latest
Env vars needed: CIRCLECI_TOKEN

Review

CircleCI's official MCP server gives Claude direct access to your CI/CD pipeline data. Point it at a failing build and it can pull job logs, trace error messages, and suggest fixes without you copy-pasting terminal output into a chat window. I've used it to debug flaky tests and environment misconfigurations, and the time savings are real when you're context-switching between GitHub, CircleCI's web UI, and your editor. The core workflow is straightforward: a build fails, you ask Claude to investigate, and it fetches the relevant job logs and pipeline metadata through the MCP server. Claude can then correlate error messages with your codebase, suggest dependency issues, or point out configuration drift. It's particularly good when the failure isn't obvious from the first few lines of a log, or when you need to compare multiple job runs to spot patterns. I've found it most useful for Node.js and Python projects where dependency resolution or environment setup tends to break in subtle ways. The MCP server requires a CircleCI personal API token with read access to your projects. Once configured, it exposes tools for listing pipelines, fetching job details, and tailing logs. The log-tailing feature is genuinely useful because CircleCI's web UI can be slow to load full logs for long-running jobs, and Claude can filter the noise for you. Quirks: it's read-only, so Claude can't trigger rebuilds or modify pipeline configs. That's probably the right call for safety, but it does mean you're still clicking buttons in the CircleCI UI after diagnosis. The server also assumes you know your project slugs and pipeline IDs, so there's a bit of manual lookup if you're working across multiple repos. And if your CircleCI logs are genuinely massive (think multi-gigabyte Docker build output), you might hit rate limits or token budget issues. Skip this if you're not already using CircleCI, obviously. Also skip it if your builds are simple enough that the failure is always in the first ten lines of output. But if you're debugging flaky CI across multiple projects or onboarding team members who don't know where to look in CircleCI's UI, this is a solid addition to Claude Desktop.
Verdict

Install this if you spend more than ten minutes a week digging through CircleCI logs. It won't fix your builds for you, but it will save you the tedious part of correlating errors across jobs and pipeline runs. Skip it if your CI is simple or you're not on CircleCI.

Good at

  • Saves you from manually copying logs and pipeline URLs into Claude.
  • Log-tailing feature is faster than waiting for CircleCI's web UI to load full output.
  • Genuinely useful for correlating errors across multiple job runs or pipeline stages.
  • Official vendor support means it tracks CircleCI API changes.

Watch out

  • Read-only access means Claude can't trigger rebuilds or modify configs.
  • Requires manual lookup of project slugs and pipeline IDs if you work across many repos.
  • Large logs can hit rate limits or exhaust Claude's token budget.
  • Only useful if you're already committed to CircleCI as your CI/CD platform.

Use cases

  • build failure diagnosis
  • pipeline management
  • log tailing
  • workflow debugging

Getting started

1. Generate a CircleCI personal API token from your account settings with read access to projects. 2. Run `npx -y @circleci/mcp-server-circleci@latest` to install, then add the server to your Claude Desktop config with `CIRCLECI_TOKEN` set to your token. 3. Restart Claude Desktop and verify the server appears in the MCP tools list. 4. Ask Claude to list recent pipelines for one of your projects to confirm it can authenticate. 5. Watch out for rate limits if you're querying large logs or running many concurrent requests.

Works with

Claude DesktopClaude CodeCursor

Similar MCPs