Labsco
Xerrion logo

servicenow-devtools-mcp

โ˜… 2

from Xerrion

A developer & debug-focused MCP server for ServiceNow โ€” with tools for platform introspection, change intelligence, debugging, investigations, and documentation generation.

๐Ÿ”ฅ๐Ÿ”ฅ๐Ÿ”ฅ๐Ÿ”ฅโœ“ VerifiedAccount requiredNeeds API keys
<p align="center"> <img src="assets/banner.svg" alt="servicenow-platform-mcp banner" width="900" /> </p> <p align="center"> <a href="https://pypi.org/project/servicenow-platform-mcp/"><img src="https://img.shields.io/pypi/v/servicenow-platform-mcp" alt="PyPI version"></a> <a href="https://pypi.org/project/servicenow-platform-mcp/"><img src="https://img.shields.io/pypi/pyversions/servicenow-platform-mcp" alt="Python versions"></a> <a href="https://github.com/Xerrion/servicenow-platform-mcp/blob/main/LICENSE"><img src="https://img.shields.io/github/license/Xerrion/servicenow-platform-mcp" alt="License"></a> </p>

servicenow-platform-mcp

A comprehensive Model Context Protocol (MCP) server for ServiceNow. Provides 12 unified tools for platform introspection, change intelligence, debugging, record management, and automated investigations.

Environment Variables

VariableDescriptionDefaultRequired
SERVICENOW_INSTANCE_URLFull URL (must start with https://)-Yes
SERVICENOW_USERNAMEServiceNow username-Yes
SERVICENOW_PASSWORDServiceNow password-Yes
MCP_TOOL_PACKAGETool package to load (full, readonly, core_readonly, none)fullNo
SERVICENOW_ENVEnvironment label (dev/test/staging/prod)devNo
MAX_ROW_LIMITMax rows per query (1-10000)100No
LARGE_TABLE_NAMES_CSVTables requiring date filterssyslog,sys_audit,sys_log_transaction,sys_email_logNo
SCRIPT_ALLOWED_ROOTRoot dir for script_path in artifact write"" (disabled)When using script_path
SENTRY_DSNSentry DSN for error reporting""No
SENTRY_ENVIRONMENTSentry environment labelFalls back to SERVICENOW_ENVNo

The server reads from .env and .env.local files automatically.

Key Features

  • Platform Introspection - Describe table schemas with describe and query records with query using encoded queries.
  • Record Management - Unified record_write and record_apply tools for create, update, and delete with a mandatory preview-then-apply safety pattern.
  • Script-Bearing Records - Write Business Rules, Script Includes, UI Pages, Widgets, UI Macros, ACLs, and any other table whose dictionary fields carry executable script or markup, all via record_write with local script file support and per-field targeting (script_field). Script fields are discovered at runtime from sys_dictionary โ€” no hardcoded artifact catalog. Read the same surface back via record_read, or enumerate a table's script fields with describe(action='list_script_fields', table='<table>').
  • Attachment Operations - Unified attachment for read operations and attachment_write for mutations.
  • Investigations - Automated analysis of system health, stale automations, performance bottlenecks, and more via investigate.
  • Label Resolution - Map human-readable choice labels to underlying values automatically with resolve_choice.
  • Service Catalog - Dispatcher-based service_catalog tool for browsing and ordering.

Tool Packages

Control which tools are loaded with MCP_TOOL_PACKAGE.

PackageToolsDescription
full15All unified tools, including audit, flow, code_search, and the build_query helper (default)
readonly11Includes record_read, audit, flow, code_search, and attachment_write (write_gate blocks in prod)
core_readonly5Minimal read surface (includes attachment_write)
none1Just list_tool_packages

Custom packages are supported via comma-separated tool names: MCP_TOOL_PACKAGE="query,describe,attachment".

Safety

  • Table Deny List - Blocks access to sensitive system tables (sys_user_has_password, sys_credentials, etc.).
  • Sensitive Field Masking - Passwords, tokens, and secrets are automatically masked in responses.
  • Write Gating - All mutations are blocked when SERVICENOW_ENV is set to prod or production.
  • Query Safety - Enforces row limits and mandatory date filters on high-volume system tables.

These guardrails reduce risk but are not a guarantee - always validate in a sub-production environment.

See the Safety & Policy wiki page for complete details.

Development

git clone https://github.com/Xerrion/servicenow-platform-mcp.git
cd servicenow-platform-mcp
uv sync --group dev
uv run pytest                  # Run tests
uv run ruff check .            # Lint
uv run ruff format .           # Format
uv run mypy src/               # Type check