Docker Hub MCP Server – Images and Repositories
Docker's official Docker Hub MCP server gives AI agents structured access to Docker Hub search and repository APIs. Use it to discover container images, inspect tags and repository metadata, manage authenticated repositories, and research Docker Hardened Images.
Overview
Docker's official Docker Hub MCP server connects compatible AI assistants to
Docker Hub APIs. It gives an agent live access to image and repository data,
allowing it to discover relevant container images and perform approved Docker
Hub operations instead of relying only on static model knowledge.
What the MCP server enables
The documented tool set supports Docker Hub search, namespace discovery,
repository management, tag inspection, and Docker Hardened Images. Depending
on whether authentication is configured, an AI agent can:
- Search Docker Hub repositories and content using the Search V4 API.
- Filter results by architecture, operating system, category, badge, and type.
- Inspect repository metadata and verify whether repositories or tags exist.
- List repositories within an authenticated namespace.
- Create repositories and update supported repository information.
- List and inspect repository tags, including architecture-specific variants.
- Retrieve namespaces associated with the authenticated account.
- Query mirrored Docker Hardened Images.
When to use it
Use Docker Hub MCP when an agent needs current container-image information or
must manage approved Docker Hub resources. Typical workflows include finding a
minimal base image, checking whether a version tag exists, comparing image
variants, locating images for a target architecture, reviewing inactive
repositories, creating a repository, and researching hardened alternatives for
a Dockerfile.
Connection and authentication
Docker documents a local build-and-run workflow for the official
docker/hub-mcp repository. After running npm install and npm run build,
MCP clients launch the compiled server over stdio with Node.js 22 or later.
Public Docker Hub content is available without authentication. Repository and
namespace management requires a Docker Hub personal access token in
HUB_PAT_TOKEN and the matching username supplied with the --username
argument. The token must have permissions appropriate to the requested
operations.
Key considerations
Authenticated tools operate with the permissions of the supplied Docker Hub
personal access token. Use a narrowly scoped token, keep it in a protected
environment variable, and require human confirmation before creating or
updating repositories. The official setup currently requires cloning and
building the repository before configuring the stdio client. Public search
results may include community images, so verify publisher, image provenance,
tags, architectures, maintenance status, and security posture before adopting
an image in production.
Supported Transports
stdio
Command: node
Args:
/FULL/PATH/TO/docker-hub-mcp/dist/index.js
--transport=stdio
--username=${DOCKER_HUB_USERNAME}
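The following preflight is an added example, not part of Docker's documentation or the docker/hub-mcp code. It checks the requirements stated above before a client launches the server: Node.js 22 or later, a built entry point, a username paired with a token, and no token value in the argument list. All function names and return codes are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example: preflight checks before an MCP client launches the Docker Hub
# MCP server over stdio. Function names and return codes are assumptions.

# Return 0 if a Node.js version string (e.g. "v22.3.0") has major version 22+.
node_version_ok() {
  local major="${1#v}"
  major="${major%%.*}"
  case "$major" in ''|*[!0-9]*) return 1 ;; esac
  [ "$major" -ge 22 ]
}

# Return 0 if no argument contains the token value. The token belongs in the
# HUB_PAT_TOKEN environment variable; in argv it would be visible in process
# listings and would end up stored in client configuration files.
args_free_of_token() {
  local token="$1"; shift
  [ -z "$token" ] && return 0
  local a
  for a in "$@"; do
    case "$a" in *"$token"*) return 1 ;; esac
  done
  return 0
}

# Print the argument vector, one argument per line: entry point, transport,
# and --username only when a username is supplied (public-only use needs none).
build_args() {
  local entry="$1" user="$2"
  printf '%s\n' "$entry" "--transport=stdio"
  [ -n "$user" ] && printf '%s\n' "--username=$user"
  return 0
}

# Preflight result: 0 = ready, 1 = Node.js too old, 2 = username and token not
# supplied together (authenticated tools need both), 3 = entry point not built.
preflight() {
  local node_ver="$1" entry="$2" user="$3" token="$4"
  node_version_ok "$node_ver" || return 1
  if [ -n "$user" ] && [ -z "$token" ]; then return 2; fi
  if [ -z "$user" ] && [ -n "$token" ]; then return 2; fi
  [ -f "$entry" ] || return 3
  return 0
}
```

A wrapper would call `preflight "$(node --version)" "$ENTRY" "$DOCKER_HUB_USERNAME" "$HUB_PAT_TOKEN"` and start `node` only when it returns 0.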
Frequently Asked Questions
- When should an AI agent use the Docker Hub MCP server?
- Use it when a workflow needs current Docker Hub information or approved repository actions, such as finding container images, comparing tags, checking architecture support, reviewing repositories, creating a repository, or researching Docker Hardened Images.
- What does the Docker Hub MCP server add to an AI agent's capabilities?
- It gives the agent structured access to live Docker Hub search and repository APIs, allowing it to discover and inspect current images and perform permitted repository operations instead of relying only on static model knowledge.
- What can an AI agent access or manage through Docker Hub MCP?
- Without authentication, the agent can search and inspect public Docker Hub content. With a suitable personal access token, it can also retrieve namespaces, list repositories, create repositories, update repository information, and inspect tags associated with authorized namespaces.
- How is authentication configured for the Docker Hub MCP server?
- Set HUB_PAT_TOKEN to a Docker Hub personal access token and pass the matching Docker Hub username through the --username argument. Keep the token out of the client configuration file, in a protected environment or secret manager, and grant only the permissions required by the intended workflow.
- Which transport should be used for the Docker Hub MCP server?
- Use stdio with the compiled official docker/hub-mcp server for standard MCP client integrations. Docker also documents an HTTP runtime mode, but the official client examples use the locally built stdio configuration listed under Supported Transports.