JFrog, the Liquid Software company and creator of the award-winning JFrog Software Supply Chain Platform, has announced the launch of its new Model Context Protocol (MCP) Server. This new architecture empowers Large Language Models (LLMs) and AI agents to securely connect with tools and data sources within the JFrog Platform directly from MCP-compatible clients—including popular development IDEs and agentic coding tools. The result: enhanced developer productivity and significantly streamlined software development workflows.
“The developer tool stack and product architecture has fundamentally changed in the AI era. With the launch of the JFrog MCP Server, we’re expanding the open integration capabilities of the JFrog Platform to seamlessly connect with LLMs and agentic tools,” said Yoav Landman, Co-Founder and CTO, JFrog. “This allows developers to natively integrate their MCP-enabled AI tools and coding agents with our Platform, enabling self-service AI across the entire development lifecycle, which helps increase productivity and build smarter, more secure applications faster.”
Empowering Secure, Agentic AI in the Software Supply Chain
Built on the open, industry-standard Model Context Protocol, JFrog’s MCP Server bridges AI systems with external development tools and services. By enabling natural language queries such as “Create a new local repository” or “Do we have this package in our organization?”, developers can now engage with the JFrog Platform directly through their IDEs or AI assistants. This interaction reduces context-switching and surfaces critical data—like open-source vulnerabilities and package usage—in real-time, thereby accelerating workflows and minimizing friction.
Also Read: Clarifai Launches “AI Runners” for Flexible Local AI Deployment
AI-driven automation simplifies tasks that once demanded deep developer expertise, allowing teams of all skill levels to collaborate more effectively and ship faster.
Addressing the potential security risks of remote MCP servers, JFrog’s security-first approach stands out. The company’s security research team recently identified vulnerabilities like CVE-2025-6514, which could allow remote code execution via hijacked MCP clients. In response, the JFrog MCP Server was architected with robust security measures, relying solely on trusted HTTPS connections to protect users and data.
Key Capabilities of JFrog’s MCP Server
-
Comprehensive Software Package Insights: Developers can manage repositories, track project builds, and query package and vulnerability data using the built-in toolset.
-
Cloud-Native Architecture with Automatic Updates: JFrog MCP Server is hosted remotely across all JFrog SaaS environments, ensuring regular updates and low-maintenance operation for multi-tenant organizations.
-
Secure OAuth 2.1 Authentication: Enforces modern, scoped token-based authorization for each tenant and tool, ensuring secure operations under verified user identities.
-
Production-Ready Monitoring: Delivers actionable insights with extensive logging and event tracking for intelligent tool usage oversight.
With the introduction of the MCP Server, JFrog continues to lead the way in securing and streamlining AI-powered software development for modern enterprises.