MCP Server Policy

DOCKER MCP POLICY

Enforce policies on every tool call to the Docker MCP Server. 19 tools listed, categorised, and ready for rules.

ckreiling/mcp-server-docker 5 read 14 write 19 tools total

docker containers images volumes networks

GET STARTED

Download this policy scaffold and add your rules. Intercept enforces them on every tool call before it reaches Docker.

terminal

# Download policy scaffold


curl -o docker.yaml https://raw.githubusercontent.com/policylayer/intercept/main/policies/docker.yaml

# Run with Intercept


intercept --policy docker.yaml -- npx -y @ckreiling/mcp-server-docker

Server documentation: https://github.com/ckreiling/mcp-server-docker

READ TOOLS

fetch_container_logs Retrieve container output

list_containers Display all containers

list_images View available Docker images

list_networks Show all networks

list_volumes Display all volumes

WRITE TOOLS

create_container Initialize a new container

create_network Establish a new network

create_volume Create persistent storage

push_image Upload an image to a registry

DESTRUCTIVE TOOLS

remove_container Delete a container

remove_image Delete an image

remove_network Delete a network

remove_volume Delete a volume

EXECUTE TOOLS

run_container Launch a container

OTHER TOOLS

build_image Create an image from a Dockerfile

pull_image Download an image from a registry

recreate_container Rebuild an existing container

start_container Activate a stopped container

stop_container Halt a running container

POLICY YAML

This scaffold lists every tool with empty rules. Add conditions — rate limits, argument validation, deny rules — then deploy with Intercept.

docker.yaml

version: "1"
description: "Policy for ckreiling/mcp-server-docker"
default: "allow"
tools:
    fetch_container_logs:
        rules: []
    list_containers:
        rules: []
    list_images:
        rules: []
    list_networks:
        rules: []
    list_volumes:
        rules: []
    create_container:
        rules: []
    create_network:
        rules: []
    create_volume:
        rules: []
    push_image:
        rules: []
    run_container:
        rules: []
    remove_container:
        rules: []
    remove_image:
        rules: []
    remove_network:
        rules: []
    remove_volume:
        rules: []
    build_image:
        rules: []
    pull_image:
        rules: []
    recreate_container:
        rules: []
    start_container:
        rules: []
    stop_container:
        rules: []

RELATED POLICIES

Brave Search 6 tools

images

FREQUENTLY ASKED QUESTIONS

What tools does the Docker MCP server expose?

The Docker MCP Server exposes 19 tools across 5 categories: Read, Write, Execute, Destructive, Other. Each tool can be individually controlled with Intercept policies.

How do I enforce policies on Docker?

Download the policy scaffold, add rules (rate limits, argument validation, deny rules), then run Intercept as a proxy in front of the Docker MCP server. Every tool call is evaluated against your YAML policy before execution.

Is the Docker policy free to use?

Yes. All Intercept policies are open source under the Apache 2.0 licence. Download, modify, and deploy without restrictions.

ENFORCE POLICIES ON DOCKER

Open source. One binary. Zero dependencies.

VIEW ON GITHUB Browse all policies →

DOCKER MCP POLICY

GET STARTED

READ TOOLS

fetch_container_logs

list_containers

list_images

list_networks

list_volumes

WRITE TOOLS

create_container

create_network

create_volume

push_image

DESTRUCTIVE TOOLS

remove_container

remove_image

remove_network

remove_volume

EXECUTE TOOLS

run_container

OTHER TOOLS

build_image

pull_image

recreate_container

start_container

stop_container