GITLAB_AI_CATALOGgitlab-mcp
Rank
83
A Model Context Protocol (MCP) server for GitLab
Traction
No public download signal
Freshness
Updated 2d ago
MCP
Crawler Summary
Defense MCP answer-first brief
I thought about naming it ShieldsUP! or HardenSoft but I figure I'll just keep it simple at Defense MCP. I'm a total noob when it comes to serious system hardening. Every time I spun up a new Linux box I'd end up down the same rabbit hole — Googling iptables syntax, forgetting how to configure PAM, staring at endless Reddit tutorial posts. So I built this thing. Defense MCP Server packs 31 security tool modules with 250+ actions into one MCP server. Hook it up to Claude Desktop, Cursor, or any MCP client and just tell it what you want in plain English. It calls the right tool with the right flags so you don't have to. I mainly just ask it to do a full security audit. Takes a bit and then it'll spit out a huge report. Then you can pick and choose what you want it to harden or fix and get your LLM to do exactly that. What's in the box: Firewalls (iptables/nftables/UFW) · kernel & host hardening · CIS/HIPAA/SOC2 compliance checks · patch management · SSH & PAM access control · ClamAV malware scanning · YARA rules · file integrity with AIDE · auditd & fail2ban logging · TLS/LUKS/GPG encryption · container security (AppArmor/seccomp) · network defense & packet capture · secrets scanning · incident response & forensics · eBPF/Falco · SBOM & supply chain verification · zero trust (WireGuard/mTLS) · DNS security · vuln scanning (nmap/nikto) · WAF management · threat intel feeds · cloud security (AWS/GCP/Azure) · API security · honeypots · wireless auditing. Won't blow up your box: Everything runs dry-run by default. There's a command allowlist (no shell interpreters ever touch your system), input sanitization against injection, automatic backups before any changes, and rate limiting. If a tool like ClamAV isn't installed yet, the server grabs it from your package manager automatically. Built by a noob, for fresh installs. If I can use it, you can too. Requires: Linux (Debian/Ubuntu/RHEL/Arch), Node.js 22+ I thought about naming it ShieldsUP! or HardenSoft but I figure I'll just keep it simple at Defense MCP. I'm a total noob when it comes to serious system hardening. Every time I spun up a new Linux box I'd end up down the same rabbit hole — Googling iptables syntax, forgetting how to configure PAM, staring at endless Reddit tutorial posts. So I built this thing. Defense MCP Server packs 31 security tool modules with Capability contract not published. No trust telemetry is available yet. Last updated 4/15/2026.
Freshness
Last checked 4/15/2026
Best For
Defense MCP is best for general automation workflows where MCP compatibility matters.
Not Ideal For
Contract metadata is missing or unavailable for deterministic execution.
Evidence Sources Checked
editorial-content, Smithery, runtime-metrics, public facts pack
Agent DossierSmitherySafety: 86/100
Defense MCP
I thought about naming it ShieldsUP! or HardenSoft but I figure I'll just keep it simple at Defense MCP. I'm a total noob when it comes to serious system hardening. Every time I spun up a new Linux box I'd end up down the same rabbit hole — Googling iptables syntax, forgetting how to configure PAM, staring at endless Reddit tutorial posts. So I built this thing. Defense MCP Server packs 31 security tool modules with 250+ actions into one MCP server. Hook it up to Claude Desktop, Cursor, or any MCP client and just tell it what you want in plain English. It calls the right tool with the right flags so you don't have to. I mainly just ask it to do a full security audit. Takes a bit and then it'll spit out a huge report. Then you can pick and choose what you want it to harden or fix and get your LLM to do exactly that. What's in the box: Firewalls (iptables/nftables/UFW) · kernel & host hardening · CIS/HIPAA/SOC2 compliance checks · patch management · SSH & PAM access control · ClamAV malware scanning · YARA rules · file integrity with AIDE · auditd & fail2ban logging · TLS/LUKS/GPG encryption · container security (AppArmor/seccomp) · network defense & packet capture · secrets scanning · incident response & forensics · eBPF/Falco · SBOM & supply chain verification · zero trust (WireGuard/mTLS) · DNS security · vuln scanning (nmap/nikto) · WAF management · threat intel feeds · cloud security (AWS/GCP/Azure) · API security · honeypots · wireless auditing. Won't blow up your box: Everything runs dry-run by default. There's a command allowlist (no shell interpreters ever touch your system), input sanitization against injection, automatic backups before any changes, and rate limiting. If a tool like ClamAV isn't installed yet, the server grabs it from your package manager automatically. Built by a noob, for fresh installs. If I can use it, you can too. Requires: Linux (Debian/Ubuntu/RHEL/Arch), Node.js 22+ I thought about naming it ShieldsUP! or HardenSoft but I figure I'll just keep it simple at Defense MCP. I'm a total noob when it comes to serious system hardening. Every time I spun up a new Linux box I'd end up down the same rabbit hole — Googling iptables syntax, forgetting how to configure PAM, staring at endless Reddit tutorial posts. So I built this thing. Defense MCP Server packs 31 security tool modules with
MCPself-declared
Public facts
4
Change events
1
Artifacts
0
Freshness
Apr 15, 2026
Verifiededitorial-contentNo verified compatibility signals
Capability contract not published. No trust telemetry is available yet. Last updated 4/15/2026.
Trust evidence available
Trust score
Unknown
Compatibility
MCP
Freshness
Apr 15, 2026
Vendor
Bottobot
Artifacts
0
Benchmarks
0
Last release
Unpublished
Executive Summary
Key links, install path, and a quick operational read before the deeper crawl record.
Summary
Capability contract not published. No trust telemetry is available yet. Last updated 4/15/2026.
Setup snapshot
- 1
Setup complexity is LOW. This package is likely designed for quick installation with minimal external side-effects.
- 2
Final validation: Expose the agent to a mock request payload inside a sandbox and trace the network egress before allowing access to real customer data.
Evidence Ledger
Everything public we have scraped or crawled about this agent, grouped by evidence type with provenance.
Vendor (1)
Vendor
Bottobot
profilemedium
Compatibility (1)
Protocol compatibility
MCP
contractmedium
Security (1)
Handshake status
UNKNOWN
trustmedium
Integration (1)
Crawlable docs
6 indexed pages on the official domain
search_documentmedium
Release & Crawl Timeline
Merged public release, docs, artifact, benchmark, pricing, and trust refresh events.
Artifacts Archive
Extracted files, examples, snippets, parameters, dependencies, permissions, and artifact metadata.
Extracted files
0
Examples
0
Snippets
0
Languages
Unknown
Docs & README
Full documentation captured from public sources, including the complete README when available.
Docs source
Smithery
Editorial quality
ready
I thought about naming it ShieldsUP! or HardenSoft but I figure I'll just keep it simple at Defense MCP. I'm a total noob when it comes to serious system hardening. Every time I spun up a new Linux box I'd end up down the same rabbit hole — Googling iptables syntax, forgetting how to configure PAM, staring at endless Reddit tutorial posts. So I built this thing. Defense MCP Server packs 31 security tool modules with 250+ actions into one MCP server. Hook it up to Claude Desktop, Cursor, or any MCP client and just tell it what you want in plain English. It calls the right tool with the right flags so you don't have to. I mainly just ask it to do a full security audit. Takes a bit and then it'll spit out a huge report. Then you can pick and choose what you want it to harden or fix and get your LLM to do exactly that. What's in the box: Firewalls (iptables/nftables/UFW) · kernel & host hardening · CIS/HIPAA/SOC2 compliance checks · patch management · SSH & PAM access control · ClamAV malware scanning · YARA rules · file integrity with AIDE · auditd & fail2ban logging · TLS/LUKS/GPG encryption · container security (AppArmor/seccomp) · network defense & packet capture · secrets scanning · incident response & forensics · eBPF/Falco · SBOM & supply chain verification · zero trust (WireGuard/mTLS) · DNS security · vuln scanning (nmap/nikto) · WAF management · threat intel feeds · cloud security (AWS/GCP/Azure) · API security · honeypots · wireless auditing. Won't blow up your box: Everything runs dry-run by default. There's a command allowlist (no shell interpreters ever touch your system), input sanitization against injection, automatic backups before any changes, and rate limiting. If a tool like ClamAV isn't installed yet, the server grabs it from your package manager automatically. Built by a noob, for fresh installs. If I can use it, you can too. Requires: Linux (Debian/Ubuntu/RHEL/Arch), Node.js 22+ I thought about naming it ShieldsUP! or HardenSoft but I figure I'll just keep it simple at Defense MCP. I'm a total noob when it comes to serious system hardening. Every time I spun up a new Linux box I'd end up down the same rabbit hole — Googling iptables syntax, forgetting how to configure PAM, staring at endless Reddit tutorial posts. So I built this thing. Defense MCP Server packs 31 security tool modules with
Full README
I thought about naming it ShieldsUP! or HardenSoft but I figure I'll just keep it simple at Defense MCP.
I'm a total noob when it comes to serious system hardening. Every time I spun up a new Linux box I'd end up down the same rabbit hole — Googling iptables syntax, forgetting how to configure PAM, staring at endless Reddit tutorial posts. So I built this thing.
Defense MCP Server packs 31 security tool modules with 250+ actions into one MCP server. Hook it up to Claude Desktop, Cursor, or any MCP client and just tell it what you want in plain English. It calls the right tool with the right flags so you don't have to. I mainly just ask it to do a full security audit. Takes a bit and then it'll spit out a huge report. Then you can pick and choose what you want it to harden or fix and get your LLM to do exactly that.
What's in the box: Firewalls (iptables/nftables/UFW) · kernel & host hardening · CIS/HIPAA/SOC2 compliance checks · patch management · SSH & PAM access control · ClamAV malware scanning · YARA rules · file integrity with AIDE · auditd & fail2ban logging · TLS/LUKS/GPG encryption · container security (AppArmor/seccomp) · network defense & packet capture · secrets scanning · incident response & forensics · eBPF/Falco · SBOM & supply chain verification · zero trust (WireGuard/mTLS) · DNS security · vuln scanning (nmap/nikto) · WAF management · threat intel feeds · cloud security (AWS/GCP/Azure) · API security · honeypots · wireless auditing.
Won't blow up your box: Everything runs dry-run by default. There's a command allowlist (no shell interpreters ever touch your system), input sanitization against injection, automatic backups before any changes, and rate limiting. If a tool like ClamAV isn't installed yet, the server grabs it from your package manager automatically.
Built by a noob, for fresh installs. If I can use it, you can too.
Requires: Linux (Debian/Ubuntu/RHEL/Arch), Node.js 22+
Contract & API
Machine endpoints, protocol fit, contract coverage, invocation examples, and guardrails for agent-to-agent use.
Contract coverage
Status
missing
Auth
None
Streaming
No
Data region
Unspecified
Protocol support
MCP: self-declared
Requires: none
Forbidden: none
Guardrails
Operational confidence: low
No positive guardrails captured.
Invocation examples
curl -s "https://xpersona.co/api/v1/agents/smithery-bottobot-defense-mcp-server/snapshot"
curl -s "https://xpersona.co/api/v1/agents/smithery-bottobot-defense-mcp-server/contract"
curl -s "https://xpersona.co/api/v1/agents/smithery-bottobot-defense-mcp-server/trust"
Reliability & Benchmarks
Trust and runtime signals, benchmark suites, failure patterns, and practical risk constraints.
Trust signals
Handshake
UNKNOWN
Confidence
unknown
Attempts 30d
unknown
Fallback rate
unknown
Runtime metrics
Observed P50
unknown
Observed P95
unknown
Rate limit
unknown
Estimated cost
unknown
Do not use if
Contract metadata is missing or unavailable for deterministic execution.
No benchmark suites or observed failure patterns are available.
Media & Demo
Every public screenshot, visual asset, demo link, and owner-provided destination tied to this agent.
No screenshots, media assets, or demo links are available.
Related Agents
Neighboring agents from the same protocol and source ecosystem for comparison and shortlist building.
GITLAB_PUBLIC_PROJECTSgitlab-mcp
Rank
80
A Model Context Protocol (MCP) server for GitLab
Traction
No public download signal
Freshness
Updated 2d ago
MCP
GITLAB_AI_CATALOGrmcp-openapi
Rank
74
Expose OpenAPI definition endpoints as MCP tools using the official Rust SDK for the Model Context Protocol (https://github.com/modelcontextprotocol/rust-sdk)
Traction
No public download signal
Freshness
Updated 2d ago
MCP
GITLAB_AI_CATALOGrmcp-actix-web
Rank
72
An actix_web backend for the official Rust SDK for the Model Context Protocol (https://github.com/modelcontextprotocol/rust-sdk)
Traction
No public download signal
Freshness
Updated 2d ago
MCP
Machine Appendix
Contract JSON
{
"contractStatus": "missing",
"authModes": [],
"requires": [],
"forbidden": [],
"supportsMcp": false,
"supportsA2a": false,
"supportsStreaming": false,
"inputSchemaRef": null,
"outputSchemaRef": null,
"dataRegion": null,
"contractUpdatedAt": null,
"sourceUpdatedAt": null,
"freshnessSeconds": null
}Invocation Guide
{
"preferredApi": {
"snapshotUrl": "https://xpersona.co/api/v1/agents/smithery-bottobot-defense-mcp-server/snapshot",
"contractUrl": "https://xpersona.co/api/v1/agents/smithery-bottobot-defense-mcp-server/contract",
"trustUrl": "https://xpersona.co/api/v1/agents/smithery-bottobot-defense-mcp-server/trust"
},
"curlExamples": [
"curl -s \"https://xpersona.co/api/v1/agents/smithery-bottobot-defense-mcp-server/snapshot\"",
"curl -s \"https://xpersona.co/api/v1/agents/smithery-bottobot-defense-mcp-server/contract\"",
"curl -s \"https://xpersona.co/api/v1/agents/smithery-bottobot-defense-mcp-server/trust\""
],
"jsonRequestTemplate": {
"query": "summarize this repo",
"constraints": {
"maxLatencyMs": 2000,
"protocolPreference": [
"MCP"
]
}
},
"jsonResponseTemplate": {
"ok": true,
"result": {
"summary": "...",
"confidence": 0.9
},
"meta": {
"source": "SMITHERY",
"generatedAt": "2026-04-17T04:12:08.354Z"
}
},
"retryPolicy": {
"maxAttempts": 3,
"backoffMs": [
500,
1500,
3500
],
"retryableConditions": [
"HTTP_429",
"HTTP_503",
"NETWORK_TIMEOUT"
]
}
}Trust JSON
{
"status": "unavailable",
"handshakeStatus": "UNKNOWN",
"verificationFreshnessHours": null,
"reputationScore": null,
"p95LatencyMs": null,
"successRate30d": null,
"fallbackRate": null,
"attempts30d": null,
"trustUpdatedAt": null,
"trustConfidence": "unknown",
"sourceUpdatedAt": null,
"freshnessSeconds": null
}Capability Matrix
{
"rows": [
{
"key": "MCP",
"type": "protocol",
"support": "unknown",
"confidenceSource": "profile",
"notes": "Listed on profile"
}
],
"flattenedTokens": "protocol:MCP|unknown|profile"
}Facts JSON
[
{
"factKey": "docs_crawl",
"category": "integration",
"label": "Crawlable docs",
"value": "6 indexed pages on the official domain",
"href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceType": "search_document",
"confidence": "medium",
"observedAt": "2026-04-15T05:03:46.393Z",
"isPublic": true
},
{
"factKey": "vendor",
"category": "vendor",
"label": "Vendor",
"value": "Bottobot",
"href": "https://github.com/bottobot/defense-mcp-server",
"sourceUrl": "https://github.com/bottobot/defense-mcp-server",
"sourceType": "profile",
"confidence": "medium",
"observedAt": "2026-04-15T00:44:09.053Z",
"isPublic": true
},
{
"factKey": "protocols",
"category": "compatibility",
"label": "Protocol compatibility",
"value": "MCP",
"href": "https://xpersona.co/api/v1/agents/smithery-bottobot-defense-mcp-server/contract",
"sourceUrl": "https://xpersona.co/api/v1/agents/smithery-bottobot-defense-mcp-server/contract",
"sourceType": "contract",
"confidence": "medium",
"observedAt": "2026-04-15T00:44:09.053Z",
"isPublic": true
},
{
"factKey": "handshake_status",
"category": "security",
"label": "Handshake status",
"value": "UNKNOWN",
"href": "https://xpersona.co/api/v1/agents/smithery-bottobot-defense-mcp-server/trust",
"sourceUrl": "https://xpersona.co/api/v1/agents/smithery-bottobot-defense-mcp-server/trust",
"sourceType": "trust",
"confidence": "medium",
"observedAt": null,
"isPublic": true
}
]Change Events JSON
[
{
"eventType": "docs_update",
"title": "Docs refreshed: Sign in to GitHub · GitHub",
"description": "Fresh crawlable documentation was indexed for the official domain.",
"href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceType": "search_document",
"confidence": "medium",
"observedAt": "2026-04-15T05:03:46.393Z",
"isPublic": true
}
]