← Back to Claude Tool Reviews

Heroku MCP

Connector Infrastructure Usable

Official Heroku MCP — 75 stars, early development. App management, dyno scaling, add-on provisioning, PostgreSQL queries, pipeline management, sandboxed one-off dyno execution.

75 starsApache-2.0 (commercial OK)PaidNo code needed
Official tool maintained by Heroku (Salesforce).
Reviewed 2026/03 ·
Fair rating — This tool is functional but has notable gaps. Review the evaluation notes below before deploying.
Why it matters

Official Heroku integration in early development. Standout feature: sandboxed one-off dyno execution lets Claude run code in an isolated environment.

Best for

Teams on Heroku who want to manage apps, scale dynos, and query PostgreSQL from Claude.

Works in
Claude Code Claude Cowork Claude Chat
Source

https://www.npmjs.com/package/@heroku/mcp-server

By Heroku (Salesforce)

How to Get It

Option 1: Claude Desktop AppOpen the Customize panel in the sidebar → browse connectors → search and add. Works in Claude Code, Claude Cowork, and Claude Chat.
Option 2: Paste into Claude CodeCopy the command below and paste it into a Claude Code conversation. Claude will run it for you.
Command
npx -y @heroku/mcp-server

Tip: Paste this into a Claude Code conversation. Verify command matches your Claude Code version.

PrerequisitesHeroku CLI v10.8.1+ installed and authenticatedTime to functional20 minutesCostPaid — Heroku plans from $5/dyno/month

Trust Signals Source Reviewed

Stars75Contributors16Last updated2026-04-05LicenseApache-2.0 (OK for commercial use)Weekly downloads5,113Known CVEsNone found

Data & Access

Data processingPrompts sent to Anthropic API. Enterprise/Team plans exclude training.Connects toHeroku (Salesforce) servers (official integration)

Community Pulse Active

Discussed on Hacker News, Reddit

12 mentions across 2 sources

Reviewer notes

Source Reviewed review. These are observations, not a security certification.

Maintained by Salesforce (major vendor). v1.2.1, active cadence. Broad capabilities including arbitrary SQL via pg_psql and full dyno/pipeline control. Apache 2.0 license. pg_psql can run arbitrary SQL against production databases — significant risk if misused. Recommend restricting to read-only tools in production environments.

pg_psql (arbitrary SQL), pg_credentials, and full dyno/pipeline control. An AI agent with this MCP could drop databases, expose credentials, or deploy arbitrary code. CRITICAL: restrict to read-only tools only in production-adjacent environments. Requires Heroku API key with full platform access. RESTRICTED: PostgreSQL query execution + dyno scaling + pipeline management. Requires compensating controls (sandboxing, separate accounts, restricted profiles) before team deployment.

2026-04-02: LIMITATION: Early development — tool set will evolve and may break. Requires Heroku CLI v10.8.1+. Does not support standard private spaces.

How to evaluate tools before deploying →

Data shown here comes from public APIs and automated scanning. Reviewer notes reflect one person's experience. This is not a security certification or legal recommendation. Always evaluate tools according to your own organization's policies.

Evaluation Scores

Evaluation

Ease of Use
3/5
Versatility
2/5
Reliability
4/5
Security
2/5
Overall score2.85 / 5.00 UsableEvaluatedMar 2026
Maintained by Salesforce (major vendor). v1.2.1, active cadence. Broad capabilities including arbitrary SQL via pg_psql and full dyno/pipeline control. Apache 2.0 license. pg_psql can run arbitrary SQL against production databases — significant risk if misused. Recommend restricting to read-only tools in production environments.

← Back to Claude Tool Reviews