$ timeahead.in
/servers/blog/about
/ servers/npm/@zereight/mcp-gitlab
npm

@zereight/mcp-gitlab

GitLab MCP server for projects, merge requests, issues, pipelines, wiki, releases, and more

2k stars131k/wkupdated 0d agogithub ↗
☆ Watch this server📋 Install guide⚡ Compare⚑ Claim listing
58poor
▣ Overview

What it does

A comprehensive MCP server that bridges Claude, VS Code, Cursor, and other AI clients to GitLab. It exposes 15 tools for managing projects, merge requests, issues, pipelines, wiki, releases, tags, and milestones. Supports three transport modes (stdio for local clients, SSE and Streamable HTTP for remote deployments), four authentication methods (PAT, local OAuth, MCP OAuth proxy, and per-request tokens), and works with both gitlab.com and self-hosted GitLab instances.

Who it's for

Backend and DevOps engineers who want to browse, search, and manage GitLab repositories from Claude Code or similar AI clients. Teams running self-hosted GitLab instances and needing tight integration with AI workflows. Organizations that prefer read-only mode for security auditing or lightweight access.

Common use cases

  • Query project structure, file contents, and commit history from Claude Code without leaving the editor
  • Create and update merge requests and issues through natural language prompts in your AI client
  • Monitor CI/CD pipeline status and view logs for active projects
  • Retrieve and contribute to project wiki and release notes
  • Manage labels, milestones, and tags across repositories

Setup pitfalls

  • This package has 139 embedded secrets and high risk class; store GitLab tokens in environment variables or secure secret managers, never hardcode them. Review the token's scope — it should have minimal required permissions (e.g., read-only if you don't intend to create MRs).
  • Four authentication methods exist; pick one based on your deployment: use GITLAB_PERSONAL_ACCESS_TOKEN for local/desktop clients, GITLAB_USE_OAUTH for local OAuth2 flow, GITLAB_MCP_OAUTH for remote clients (e.g., Claude.ai), or REMOTE_AUTHORIZATION for multi-user setups.
  • Custom GitLab instances require GITLAB_API_URL set to your self-hosted endpoint (e.g., https://gitlab.internal/api/v4); trailing path and proxy settings must match your network topology.
  • Some MCP clients have issues with environment variables; if authentication fails, use CLI arguments (--token, --api-url) instead.
139 credentials detected in repository history via Gitleaks
▣ Score BreakdownMCPScore = Σ(raw × weight)
DimensionRawWeighted
Security
35%
0
0.0
Freshness
25%
100
25.0
Adoption
20%
92
18.5
Quality
10%
90
9.0
Trust
10%
50
5.0
Total
57.5
⚿ Capabilities & Risk Explainer
fs readfs writenetworkexecsecrets
◆ Risk level: high· 15 tools · auth: API key
fs read + fs write + network + exec + secrets active — can execute code, access credentials, and make external network calls.
Tool nameDescriptionDestructive?
omg_next_phase✓ no
omg_check_completion✓ no
omg_get_phase_info✓ no
omg_read_memory✓ no
omg_write_memory⚠ yes
+10 more tools
omg_delete_memory⚠ yes
omg_read_prd✓ no
omg_create_prd✓ no
omg_update_story✓ no
omg_verify_story✓ no
omg_read_state✓ no
omg_write_state⚠ yes
omg_clear_state✓ no
omg_list_active✓ no
omg_select_model✓ no
⚙ Install config
Claude Desktop · Cursor · Windsurf · VS Code (Copilot) · Claude Code
add to your MCP client config:
{
  "mcpServers": {
    "zereightmcp-gitlab": {
      "command": "npx",
      "args": [
        "-y",
        "@zereight/mcp-gitlab"
      ]
    }
  }
}
📈 Score historylast 38 snapshots
4/30/20266/17/2026 · 38 snapshots
⚙ Maintenance health
79/ 100 · is this project alive?
contributors (1y)92
top contributor share40%
releases (1y)58
last release0d ago
ci✓ passing
⛁ Raw data
weekly downloads131k
github stars2k
forks309
open issues21
license✓ present
readme length35720 chars
last publish0d ago
last commit0d ago
last updated2d ago
install verified✓ pass · 29d ago
owner of this server? claim your listing to get a verified badgeclaim →
🔔 Score drop alerts
get notified by email when this server's score drops 5+ points