56 tools from the Docker MCP Server, categorised by risk level.
View the Docker policy →docker_compose_config Parse and validate docker-compose.yml file docker_compose_logs View output from Docker Compose services docker_compose_ps List Docker Compose services docker_container_health_check Check the health status of a container. Returns health check status (healthy, unhealthy, starting, none), health check configuration, failure strea... docker_container_logs Get logs from a container docker_container_stats Get real-time statistics from a container docker_image_history Get the history of an image docker_inspect_container Get detailed information about a container docker_inspect_exec Get information about an exec instance docker_inspect_image Get detailed information about an image docker_inspect_network Get detailed information about a network docker_inspect_volume Get detailed information about a volume docker_kill_container Kill a running container. Requires confirmation for safety. First call without confirm to see container details, then call again with confirm=true ... docker_list_containers List Docker containers. Returns all containers including stopped ones if all=true. docker_list_images List Docker images docker_list_networks List Docker networks docker_list_volumes List Docker volumes docker_pause_container Pause a running container docker_pull_image Pull an image from a registry docker_system_info Get Docker system information docker_tag_image Tag an image docker_unpause_container Unpause a paused container docker_version Get Docker version information dockerhub_authenticate Authenticate with Docker Hub dockerhub_get_tags Get tags for a Docker Hub repository dockerhub_pull Pull an image from Docker Hub dockerhub_search Search Docker Hub for images 2/5 ghcr_authenticate Authenticate with GitHub Container Registry ghcr_pull Pull an image from GitHub Container Registry docker_connect_container Connect a container to a network 2/5 docker_create_container Create a new Docker container from an image 3/5 docker_create_network Create a Docker network 2/5 docker_create_volume Create a Docker volume 2/5 docker_disconnect_container Disconnect a container from a network 2/5 docker_push_image Push an image to a registry 3/5 dockerhub_push Push an image to Docker Hub 3/5 ghcr_push Push an image to GitHub Container Registry 3/5 docker_compose_down Stop and remove Docker Compose services 4/5 docker_prune_containers Remove stopped containers. Requires confirmation for safety. First call without confirm to see what will be removed, then call again with confirm=t... 4/5 docker_prune_images Remove unused images. Requires confirmation for safety. First call without confirm to see what will be removed, then call again with confirm=true t... 4/5 docker_prune_networks Remove unused networks. Requires confirmation for safety. First call without confirm to see what will be removed, then call again with confirm=true... 4/5 docker_prune_system Remove unused data (containers, networks, images, build cache). Requires confirmation for safety. First call without confirm to see what will be re... 4/5 docker_prune_volumes Remove unused volumes. Requires confirmation for safety. First call without confirm to see what will be removed, then call again with confirm=true ... 4/5 docker_remove_container Remove a container. Requires confirmation for safety. First call without confirm to see container details, then call again with confirm=true to pro... 4/5 docker_remove_image Remove an image. Requires confirmation for safety. First call without confirm to see image details, then call again with confirm=true to proceed. 4/5 docker_remove_network Remove a Docker network. Requires confirmation for safety. First call without confirm to see network details, then call again with confirm=true to ... 4/5 docker_remove_volume Remove a Docker volume. Requires confirmation for safety. First call without confirm to see volume details, then call again with confirm=true to pr... 4/5 docker_compose_build Build Docker Compose services 3/5 docker_compose_restart Restart Docker Compose services 3/5 docker_compose_start Start Docker Compose services 3/5 docker_compose_stop Stop Docker Compose services 3/5 docker_compose_up Start Docker Compose services 3/5 docker_exec Execute a command in a running container 4/5 docker_restart_container Restart a container 3/5 docker_start_container Start a stopped container 3/5 docker_stop_container Stop a running container 3/5 The Docker MCP server exposes 56 tools across 4 categories: Read, Write, Destructive, Execute.
Use Intercept, the open-source MCP proxy. Write YAML rules for each tool — rate limits, argument validation, or deny rules — then run Intercept in front of the Docker server.
Docker tools are categorised as Read (29), Write (8), Destructive (10), Execute (9). Each category has a recommended default policy.
Open source. One binary. Zero dependencies.
npx -y @policylayer/intercept