GitLab-MCP-Server
Verified Safeby poly-mcp
Overview
Integrates GitLab with AI assistants like Cursor and ChatGPT for managing merge requests, CI/CD pipelines, and Architecture Decision Records (ADRs) via the Model Context Protocol (MCP).
Installation
python gitlab_mcp_server.py --http --port 8000Environment Variables
- GITLAB_BASE_URL
- GITLAB_TOKEN
- GITLAB_PROJECT_ID
- SAFE_MODE
- DRY_RUN
- ALLOWED_PROJECTS
- MAX_RETRIES
- HOST
- PORT
- VERBOSE
- LOG_LEVEL
- LLM_PROVIDER
- LLM_MODEL
- LLM_TEMPERATURE
- ALLOW_PROD_DEPLOY
Security Notes
The server demonstrates strong security practices: it loads secrets from `.env` (`GITLAB_TOKEN`), implements robust input validation and URL encoding for project IDs, includes local rate limiting, and utilizes decorators (`check_safe_mode`, `dry_run_mode`, `check_project_access`) to protect destructive operations and control project access. Production deployments are explicitly guarded by an environment variable (`ALLOW_PROD_DEPLOY`). No 'eval' or malicious code patterns were found. The documentation explicitly recommends using GitLab tokens with minimal permissions. Public exposure, for example via `ngrok` for ChatGPT integration, introduces external security considerations beyond the server's control.
Similar Servers
gitlab-mr-mcp
Enables AI agents to programmatically interact with GitLab merge requests and issues via the Model Context Protocol.
bitbucket-mcp
AI assistant integration with Bitbucket for repository, pull request, and pipeline management, enabling AI to interact with code and development workflows.
gitlab-mr-mcp
Connects an AI assistant to GitLab to manage merge requests, CI/CD pipelines, and code reviews, enabling natural language interaction.
gitlab-api
This project provides a Python wrapper for GitLab, serving as an MCP (Model Context Protocol) server to expose GitLab APIs as tools for LLMs, and an A2A (Agent-to-Agent) multi-agent system for delegated GitLab task management with a knowledge graph.