Checks Apache web server processes and provides HTTP performance probing capabilities for Apache-hosted services.
Provides vendor-aware firewall troubleshooting runbooks and diagnostics for Cisco ASA devices.
Enables curl-based HTTP timing probes and performance testing for web endpoints.
Executes comprehensive Debian system administration commands including APT package management, systemd services, Docker operations, PostgreSQL management, network configuration, filesystem operations, security hardening, and Kubernetes orchestration.
Manages Docker containers and operations on Ubuntu and Debian systems, including advanced container lifecycle management.
Supports ESLint integration for code quality enforcement during development and testing workflows.
Provides vendor-aware firewall troubleshooting runbooks and diagnostics for Fortinet devices.
Surfaces Homebrew hygiene reports, updates, application sizing, and optional cleanup operations for macOS package management.
Performs database server diagnostics and health checks for Keycloak authentication infrastructure.
Executes Kubernetes operations and cluster management tasks on Ubuntu and Debian systems.
Runs Lighthouse audits for web performance analysis and optimization recommendations as part of web service status checks.
Exports DevOps task plans and debugging tracks in Linear-ready payload formats for project management integration.
Provides comprehensive macOS administration including system health snapshots, launch services management, cleanup routines, log aggregation, VPN diagnostics, Wi-Fi analysis, deep diagnostics and repair workflows, and wireless subsystem troubleshooting.
Supports Markdown format for thought exports, structured reports, and automatic bootstrapping from existing Markdown notes.
Checks Nginx server processes, performs database server diagnostics for Nginx configurations, and provides HTTP performance probing capabilities.
Exports DevOps task plans and debugging tracks in Notion-ready payload formats for project management integration.
Utilizes npm for package management and build processes in the Node-based MCP server infrastructure.
Provides vendor-aware firewall troubleshooting runbooks for Palo Alto Networks devices and executes PAN-OS CLI commands over SSH with operational presets.
Provides vendor-aware firewall troubleshooting runbooks and diagnostics for pfSense firewall systems.
Manages PM2 process manager operations on Ubuntu and Debian systems for Node.js application lifecycle management.
Performs comprehensive PostgreSQL database server diagnostics, health checks, and advanced management operations on Ubuntu and Debian systems.
Performs database server diagnostics and health checks for Redis cache infrastructure.
Built with TypeScript for type-safe development with support for running from TypeScript sources during development.
Executes comprehensive Ubuntu system administration commands including APT package management, systemd services, Docker operations, PostgreSQL management, network configuration, filesystem operations, security hardening, Kubernetes orchestration, and remote health reporting via SSH.
IT-MCP
Node-based Model Context Protocol (MCP) server that wraps a curated collection of macOS administration, diagnostics, and optimisation tasks. Tools are exposed over the MCP interface so they can be orchestrated by compatible AI assistants or automation frameworks.
Highlights
System health snapshots (uptime, load, memory, disk, launch services)
Tunable cleanup routines with safe dry-run previews
Log aggregation with predicate and process filters
Homebrew hygiene reports and application sizing
Network inspection (connections, listeners, firewall, Wi-Fi, bandwidth)
Guided
tcpdumppacket capture with managed output locationsEmail diagnostics covering MX records, authentication, connectivity, and mailbox consumption
Microsoft 365 and Intune tenant insights via the
m365CLIVPN troubleshooting, ad-hoc SSH execution, and remote Ubuntu/Debian health reports
Web operations tooling for server process visibility and HTTP performance probes
Network port scanning and firewall diagnostics using netcat and native macOS tooling
Structured thinking framework and thought tracking utilities for planning sessions
Related-thought analysis, progress tracking, and import/export helpers for thinking pipelines
First capture automatically bootstraps from existing Markdown notes (
*.md,Claude.md,Agents.md) when presentDevOps task planner converts thought history into CI/CD stages, debugging tracks, and Linear/Notion-ready payloads
Compliance auditing and evidence packaging aligned with Essential 8 and NIST frameworks
Network infrastructure diagnostics covering path tracing, firewall policy audits, and dual-stack health
Security scanning orchestration for CodeQL and OpenVAS (with optional install automation)
Ubuntu & Debian administration tooling (APT, systemd, Nginx, PM2, advanced Docker/PostgreSQL, SMB/NFS/ACL, firewall & security hardening, storage buckets, Kubernetes ops)
Remote Windows administration via PowerShell remoting (service/process control, event logs, firewall, scheduled tasks)
Windows Server management extensions for updates, roles/features, and live performance telemetry
Cross-vendor firewall troubleshooting playbooks (Palo Alto Networks, PAN-OS, Cisco ASA, Fortinet, Check Point, pfSense)
PAN-OS CLI runner for direct operational commands over SSH
Deep macOS diagnostics & repair workflows (local or remote via SSH)
Database server diagnostics covering PostgreSQL, Redis, Keycloak, Nginx, and firewall posture
Structured reporting hub that links tool outputs into the Structured Thinking timeline for cross-tool insights
Wireless diagnostics for macOS (signal status, nearby scan, throughput sampling, Wi-Fi subsystem logs)
Capability-aware execution router ready for delegated remote agents across macOS/Linux/Windows
Getting Started
Run during development with TypeScript sources:
Ship the compiled server over stdio (useful for MCP shells such as Claude Desktop):
MCP Tools
Tool | Purpose | Notable parameters |
| Consolidated uptime, load, memory, disk, and top processes |
|
| Lists launchd services for startup triage |
|
| Microsoft 365/Intune overview using the m365 CLI |
|
| Checks nginx/Apache/Node processes, optional headers & Lighthouse audit |
|
| Curl-based timing probe for a URL |
|
| TCP/UDP port scan with optional nmap |
|
| pfctl and application firewall status | none |
| Provides staged thinking framework |
|
| Records sequential thoughts with metadata |
|
| Builds DevOps tasks, CI/CD pipeline, and debug tracks from thought history |
|
| Audits structured thinking coverage, stale entries, and high-priority follow-ups |
|
| Generates Markdown/JSON reports from structured thinking timeline |
|
| Runs Essential 8/NIST assessments and builds evidence packages |
|
| Generates path traces, firewall reviews, and dual-stack checks |
|
| Builds vendor-aware firewall troubleshooting runbooks |
|
| Deep macOS analytics & repair (local or SSH) |
|
| Database host health (Postgres/Redis/Keycloak/Nginx/firewall/system) |
|
| Installs/runs CodeQL & OpenVAS scans |
|
| Executes Ubuntu administration commands |
|
| Executes Debian administration commands |
|
| Executes remote Windows administration via PowerShell Remoting |
|
| Runs PAN-OS CLI commands over SSH (with presets) |
|
| Runs macOS Wi-Fi diagnostics (status, scans, performance, logs) |
|
| Exports tracked thoughts to JSON/Markdown |
|
| Imports thoughts from JSON/Markdown payloads |
|
| Generates summaries and related-thought analysis |
|
| Retrieves MX records for a domain |
|
| Probes SMTP/IMAP endpoints for TCP reachability |
|
| Inspects SPF, DKIM, and DMARC TXT records |
|
| Collects macOS VPN configuration and process information |
|
| Runs an arbitrary SSH command against a remote host |
|
| Remote Ubuntu health snapshot via SSH |
|
| Remote Debian health snapshot via SSH |
|
| Measures mailbox storage usage with optional breakdown |
|
| Cache purge, downloads pruning, optional Time Machine thinning |
|
| Collects log excerpts using |
|
| Surfaces Homebrew updates and optional cleanups |
|
| Netstat, listeners, optional firewall/Wi-Fi/bandwidth sampling |
|
| Time-bounded |
|
All tools emit both human-readable text blocks and machine-friendly structuredContent payloads.
Privilege & Safety Model
The server prefixes sensitive commands with
sudoby default. Disable this behaviour by exportingIT_MCP_ALLOW_SUDO=falsebefore launch if you prefer to run everything as an unprivileged user.Always run
cleanup-runbookin the default dry-run mode first. Only rerun withdryRun=falseafter vetting the previewed commands.Packet captures are stored in
./capturesunlessIT_MCP_CAPTURE_DIRor theoutputDirectoryinput is provided. Rotate captures and restrict access appropriately.Commands that stream large volumes of data (
nettop,tcpdump,log show) are bounded with sensible defaults; adjust parameters cautiously when running on production hosts.Windows administration tooling depends on PowerShell 7 (
pwsh) being available in the container and WinRM/PowerShell remoting access to the target host. Provide credentials via environment variables (defaultWINDOWS_REMOTE_PASSWORD) when needed.
Environment Variables
Variable | Default | Effect |
|
| Controls whether |
|
| Base directory for packet capture output files |
|
| Controls winston log level ( |
Extending The Server
Add new services under
src/services/to wrap reusable command logic.Register additional MCP tools in
src/tools/registerTools.ts.Update the instructions string in
src/index.tsso clients know how to use new capabilities.Always prefer
CommandRunnerfor shell execution so you inherit consistent sudo, timeout, and error handling semantics.The execution router (
ExecutionRouter) maps tool requests to local execution or future remote agents; implement agent dispatch inRemoteAgentServicewhen rolling out remote workers.
Testing & Validation
npm run buildcompiles the TypeScript sources.npm run lintenforces lint rules (install ESLint globally or vianpm installfirst).Consider running tools in dry-run mode initially when integrating with downstream automations.