tanuki-mcp
Verified Safeby tarfu
Overview
A high-performance GitLab MCP (Model Context Protocol) server providing fine-grained access control for AI agents to interact with GitLab.
Installation
No command providedEnvironment Variables
- TANUKI_MCP_GITLAB__URL
- TANUKI_MCP_GITLAB__TOKEN
- GITLAB_TOKEN
- GITLAB_PRIVATE_TOKEN
- GITLAB_ACCESS_TOKEN
Security Notes
The server emphasizes strong access control with hierarchical and pattern-based rules, which is critical for security when exposing GitLab API capabilities to AI agents. It correctly promotes using environment variables for the GitLab token. Default network binding for HTTP and dashboard is localhost (127.0.0.1), which is secure, with explicit warnings if configured for external access (0.0.0.0). SSL verification is enabled by default. No 'eval' or direct arbitrary code execution vectors were found. Potential for Regex DoS is mitigated as patterns are from static configuration, not user input.
Similar Servers
mcp-k8s-go
An MCP server enabling AI assistants and users to interact with and manage Kubernetes clusters by listing, getting, applying, and executing commands on Kubernetes resources.
rust-docs-mcp
Provides AI agents with deep, cached access to Rust crate documentation, source code, and project structure for enhanced development.
gitlab-mr-mcp
Allows AI agents to interact with GitLab merge requests and issues for development workflow automation.
org-mcp-server
A Model Context Protocol (MCP) server for org-mode knowledge management, providing search, content access, and note linking capabilities for AI agents.