STAC MCP Server

An MCP (Model Context Protocol) Server that provides access to STAC (SpatioTemporal Asset Catalog) APIs for geospatial data discovery and access. Supports dual output modes (text and structured json) for all tools.

The coverage badge is updated automatically on pushes to main by the CI workflow.

Overview

This MCP server enables AI assistants and applications to interact with STAC catalogs to:

• Search and browse STAC collections

• Find geospatial datasets (satellite imagery, weather data, etc.)

• Access metadata and asset information

• Perform spatial and temporal queries

Features

Available Tools

All tools accept an optional output_format parameter ("text" default, or "json"). JSON mode returns a single MCP TextContent whose text field is a compact JSON envelope: { "mode": "json", "data": { ... } } (or { "mode": "text_fallback", "content": ["..."] } if a handler lacks a JSON branch). This preserves backward compatibility while enabling structured consumption (see ADR 0006 and ASR 1003).

• get_root: Fetch root document (id/title/description/links/conformance subset)

• get_conformance: List all conformance classes; optionally verify specific URIs

• get_queryables: Retrieve queryable fields (global or per collection) when supported

• get_aggregations: Execute a search requesting aggregations (count/stats) if supported

• search_collections: List and search available STAC collections

• get_collection: Get detailed information about a specific collection

• search_items: Search for STAC items with spatial, temporal, and attribute filters

• get_item: Get detailed information about a specific STAC item

• estimate_data_size: Estimate data size for STAC items using lazy loading (XArray + odc.stac)

Capability Discovery & Aggregations

The new capability tools (ADR 0004) allow adaptive client behavior:

• Graceful fallbacks: Missing /conformance, /queryables, or aggregation support returns structured JSON with supported:false instead of hard errors.

• get_conformance falls back to the root document's conformsTo array when the dedicated endpoint is absent.

• get_queryables returns an empty set with a message if the endpoint is not implemented by the catalog.

• get_aggregations constructs a STAC Search request with an aggregations object; if unsupported (HTTP 400/404), it returns a descriptive message while preserving original search parameters.

Data Size Estimation

The estimate_data_size tool provides accurate size estimates for geospatial datasets without downloading the actual data:

• Lazy Loading: Uses odc.stac to load STAC items into xarray datasets without downloading

• AOI Clipping: Automatically clips to the smallest area when both bbox and AOI GeoJSON are provided

• Fallback Estimation: Provides size estimates even when odc.stac fails

• Detailed Metadata: Returns information about data variables, spatial dimensions, and individual assets

• Batch Support: Retains structured metadata for efficient batch processing

Example usage:

Supported STAC Catalogs

By default, the server connects to Microsoft Planetary Computer STAC API, but it can be configured to work with any STAC-compliant catalog.

Installation

PyPI Package

Development Installation

Container

The STAC MCP server publishes multi-arch container images (linux/amd64, linux/arm64) via GitHub Actions workflow (.github/workflows/container.yml). The current build uses a Python 3.12 slim Debian base (not distroless) with GDAL-related libs for raster IO and odc-stac compatibility.

Container images are tagged with semantic versions when version bumps occur on main:

• ghcr.io/bnjam/stac-mcp:X.Y.Z (exact version)

• ghcr.io/bnjam/stac-mcp:X.Y (major.minor convenience tag)

• ghcr.io/bnjam/stac-mcp:X (major convenience tag)

• ghcr.io/bnjam/stac-mcp:latest (points at current main version) Pull request builds (without version bump) also produce ephemeral PR/ref tags via the metadata action.

Building the Container

To build the container locally using the provided Containerfile:

The Containerfile currently performs a single-stage build based on python:3.12-slim (future optimization could reintroduce a distroless runtime stage). It installs system GDAL/PROJ dependencies and then installs the package.

Usage

As an MCP Server

Native Installation

Configure your MCP client to connect to this server:

Container Usage

To use the containerized version with an MCP client:

Or with Podman:

docker run --rm -i ghcr.io/bnjam/stac-mcp:latest

Command Line

Native Installation

Each invocation starts an MCP stdio server; it waits for protocol messages (see examples/example_usage.py).

Container Usage

Examples

Example: JSON Output Mode

Below is an illustrative (client-side) pseudo-call showing output_format usage through an MCP client message:

The server responds with a single TextContent whose text is a JSON string like:

This wrapping keeps the MCP content type stable while enabling machine-readable chaining.

Development

Setup

GitHub Codespaces (Recommended)

The fastest way to get started is with GitHub Codespaces, which provides a fully configured development environment in your browser:

1. Click the green "Code" button on the GitHub repository

2. Select the "Codespaces" tab

3. Click "Create codespace on main"

The devcontainer will automatically:

• Set up Python 3.12 with all dependencies

• Install GDAL/PROJ system libraries

• Configure VS Code with recommended extensions

• Install the project in development mode

See .devcontainer/README.md for more details.

Local Development

For local development with containers, you can use VS Code's Remote Containers extension with the provided .devcontainer configuration.

Testing

Test Coverage

The project uses coverage.py (already a dependency was added) for measuring statement and branch coverage.

Quick run (terminal):

Example output (illustrative):

Generate an HTML report (optional):

Configuration: .coveragerc enforces branch = True and omits tests/* and scripts/version.py. Update omit patterns only when necessary to keep metrics honest.

Recommended workflow before opening a PR:

1. black stac_mcp/ tests/ examples/

2. ruff check stac_mcp/ tests/ examples/ --fix

3. coverage run -m pytest -q

4. coverage report -m (ensure no unexpected drops)

SSL / TLS Troubleshooting

If you encounter an SSL certificate verification error (e.g., SSLCertVerificationError or a message about a self-signed certificate in certificate chain) when the server accesses a STAC endpoint:

1. Confirm the endpoint is reachable with a standard tool (e.g., curl https://.../stac/v1/conformance).

2. Ensure your system trust store is up to date (on macOS, some Python installs provide an Install Certificates.command).

3. Behind a corporate proxy / MITM device: export a custom CA bundle.

The client now supports two environment variables (see ADR notes / security guidance):

Example (custom CA):

Temporary diagnostic bypass (NOT recommended):

When an SSL failure occurs you will receive a structured SSLVerificationError message with remediation guidance instead of a low-level urllib.error.URLError.

Container vs Local/Virtual Environment (Why get_conformance May Differ)

The published Docker/Podman images generally succeed with get_conformance against public STAC APIs even when a locally installed Python environment fails. Reasons:

• The container base image (python:3.12-slim) ships with a current CA trust store.

• Some local macOS / Homebrew / pyenv environments have an out-of-date or un-initialized certificate bundle until you run the platform's certificate installation script.

• Corporate proxies can inject custom CAs that exist in system Keychain but are not automatically propagated to the Python cert store.

Typical symptom: Local invocation of the get_conformance tool returns a structured SSLVerificationError, while running the same command via the container (e.g. docker run --rm -i ghcr.io/bnjam/stac-mcp:latest) succeeds.

Mitigations (ordered):

1. Update local certificates (macOS framework Python: run the Install Certificates.command script found in the Python application folder).

2. Export a custom CA bundle path: export STAC_MCP_CA_BUNDLE=/path/to/ca.pem.

3. (Last resort, diagnostics only) Temporarily disable verification with STAC_MCP_UNSAFE_DISABLE_SSL=1 and immediately revert once the root cause is identified.

If the container also fails, the remote endpoint may genuinely present an invalid or mismatched certificate—collect the structured error details (they include hostname and failing reason) and investigate network or proxy layers.

Planned future enhancements (pending ADRs): add retry/federation logic and corresponding tests; coverage thresholds may be introduced once feature set stabilizes.

Linting

Version Management

The project uses semantic versioning (SemVer) with automated version management based on branch naming, implemented in .github/workflows/container.yml:

Branch-Based Automatic Versioning

When PRs are merged to main, the workflow inspects the merged branch name (via the PR head ref) and increments the version if it matches a prefix:

• hotfix/, copilot/fix-, or copilot/hotfix/ branches → patch increment (0.1.0 → 0.1.1) for bug fixes

• feature/ or copilot/feature/ branches → minor increment (0.1.0 → 0.2.0) for new features

• release/ or copilot/release/ branches → major increment (0.1.0 → 1.0.0) for breaking changes

Manual Version Management

You can also manually manage versions using the version script (should normally not be needed unless doing a coordinated release):

The version system maintains consistency across:

• pyproject.toml (project version)

• stac_mcp/__init__.py (version)

• stac_mcp/server.py (server_version in MCP initialization)

Container Development

To develop with containers:

Current Containerfile (single-stage) notes:

• Based on python:3.12-slim for broad wheel compatibility (rasterio, shapely, etc.)

• Installs GDAL/PROJ system libraries needed by rasterio/odc-stac

• Installs the package with pip install .

• Entrypoint: python -m stac_mcp.server (stdio MCP transport)

• Multi-stage/distroless hardening can be reintroduced later (tracked by potential future ADR)

STAC Resources

• STAC Specification

• pystac-client Documentation

• Microsoft Planetary Computer

• AWS Earth Search

License

Apache 2.0 - see LICENSE file for details.

Architecture Overview

The project maintains Architecture Decision Records (ADRs) and Architecture Significant Requirements (ASRs) under architecture/. Core recent decisions:

• Observability & Telemetry (ADR 0012): structured logging (stderr only), metrics counters, correlation IDs, future-ready tracing hooks.

• Multi-Catalog Federation (ADR 0013): optional parallel search across multiple STAC endpoints with deterministic merging and provenance.

• Pluggable Tool Extension Model (ADR 0014): entry point / directory-based plugin registration with collision protection.

• Response Meta Stability (ADR 0015): introduces meta object with stable vs experimental field tiering.

• Security & Credential Isolation (ADR 0016): alias-scoped credentials, redaction and least-privilege injection.

Notable earlier foundations:

• Output format & JSON envelope (ADR 0006) and JSON stability (ASR 1003)

• Capability & aggregation support (ADR 0004)

• Data size estimation tool (ADR 0009) with nodata efficiency requirement (ASR 1006)

• Caching layer (ADR 0011)

• Offline deterministic validation (ASR 1001)

• Graceful network error handling (ASR 1004)

• Performance bounds for search (ASR 1005)

• Reliability & Retry Policy (ASR 1008)

See individual ADR/ASR markdown files for full context, rationale, and evolution notes.

Service Level Objectives (SLO) & Requirements Summary

The following summarizes measurable targets defined in ASRs (and related ADR enforcement points). These are engineering goals; enforcement is via tests, benchmarks, and observability counters.

Experimental Meta Fields (Subject to Change)

Defined in ADR 0015; current experimental keys returned (when features enabled):

• _exp_federation_warnings: array of partial-failure or truncation notices

• _exp_cache_hit: boolean indicating cache usage

• _exp_retry_attempts: integer number of retry attempts performed

Promotion of experimental fields to stable requires an ADR update and minor version release; consumers should treat _exp_* names as best-effort hints.

Operational Notes

• Logging never uses stdout to avoid MCP protocol interference (ADR 0012).

• Federation item merging adds provenance via a namespaced property (stac_mcp:source_catalog) (ADR 0013).

• Retry logic applies only to idempotent read tools; future write-type tools must opt in explicitly (ASR 1008).

• Nodata adjustment is off by default to preserve raw size semantics (ASR 1006).

Roadmap Candidates (Future ADRs)

• Metrics exposure tool or external exporter integration

• Circuit breaker & adaptive backoff extensions to reliability policy

• Plugin capability introspection tool

• OAuth / token refresh flows for credential layer

For contributions impacting architecture, add or update an ADR/ASR following AGENTS.md guidelines.

Observability Configuration (ADR 0012)

Environment variables controlling telemetry:

All logs are emitted to stderr only; stdout is reserved strictly for MCP protocol traffic. JSON logs include fields: timestamp, level, message, plus optional event, tool_name, duration_ms, error_type, correlation_id, cache_hit, catalog_url.