Manage ArcGIS users, layers, items, and geoprocessing across one unified server.
This MCP tool appears to provide management and editing operations for ArcGIS Online/Enterprise, with typical local execution and remote platform access capabilities, so the overall posture is mostly caution. Its open-source MIT-licensed status is a positive signal, but sparse documentation, low adoption, and unknown maintenance reduce audit confidence.
The material explicitly states that no keys or environment variables are required; there is no described need for extra API keys, tokens, or local secret injection. While ArcGIS services commonly involve authentication, the provided material does not show a concrete credential collection, storage, or exfiltration risk.
The tool is described as supporting ArcGIS Online and Enterprise user/group management, feature layer operations, geoprocessing, and server administration, which inherently implies communication with ArcGIS services and possible transfer of user-operation-related data. No fixed remote host is listed and there is no clear red flag of exfiltration to unrelated or unknown endpoints, but the actual network scope should still be verified at deployment time.
The objective checks mark it as executes-code, indicating typical MCP capability to run code/processes locally. Given its role as a 'unified MCP server,' it should be treated as capable of executing local logic; however, this inherent capability alone, without signs of extra privilege escalation or dangerous command behavior, is not enough to rate it as high risk.
Based on the description, it can manage users/groups, items, feature layers, and server administration, so its main data-access surface is likely ArcGIS platform resources and administrative objects. The material does not show a need for broad local filesystem access or permissions beyond its stated purpose, but because it performs management and editing actions, the real authorization scope should still be reviewed carefully.
Positive factors are that it is open source, auditable on GitHub, and MIT-licensed, which materially lowers opaque black-box risk. Negative factors are that it comes from a third-party registry, the repository has 0 stars, there is no README, and maintenance status is unknown, indicating limited community validation and weak evidence of ongoing upkeep; supply-chain trust is therefore moderate and cautious.
Copy the install command and let the AI configure it · recommended for beginners
No copy-paste install info for "ArcGIS MCP" yet — see the docs or source repo.
Connect to ArcGIS Enterprise, query the latest 100 features from the layer "City Roads", filter records where status is "Under Construction", and update the owner field to "Zhang Min".
A list of matching features and the result of the batch field update.
Review members of the "East China Project Team" group in ArcGIS Online, assign the correct role to members missing edit permissions, and output a change log.
Permission audit results, completed role updates, and a detailed user change log.
Run a buffer analysis on ArcGIS Server: create 3 km buffers for the "Store Locations" layer and save the result as a new item named "Store Service Area Analysis".
A completed buffer analysis with a new output layer or item and its save details.
Find nearby places from an address using the ArcGIS map API.
Manage and route MCP servers from one unified control app.
Unify multiple MCP servers into one endpoint with filtering and automated management.
Search, inspect, trace, and read business data assets across internal platforms.
Control dynamic maps and layers to visualize geospatial data in AI workflows.
Query and manage Unraid server data through its GraphQL API.