Skip to main content
Glama
jbroll

MCP Build Environment Service

by jbroll
OverviewInspectSchemaRelated ServersScoreDiscussions
Python
Hybrid

git

Execute git commands for version control in isolated build environments, supporting operations like status, checkout, pull, and branch management with worktree isolation.

Instructions

Run git commands in a repository. Limited to safe operations: status, log, checkout, pull, branch, diff, fetch, reset, show. If branch is specified, creates/uses a hidden worktree (.repo@branch) for isolation.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
argsYesGit command and arguments (e.g., 'status', 'checkout main', 'pull origin main')
repoYesRepository name (required)
branchNoGit branch name (optional). If provided, uses isolated worktree.

Implementation Reference

  • src/server.py:502-519 (handler)
    The main handler function for the 'git' MCP tool. It extracts repo, branch, and args from input, validates the git arguments, constructs the git command by splitting the args string, executes it in the appropriate repository worktree using locking for isolation, and returns the formatted output.
    async def handle_git(self, args: Dict[str, Any]) -> List[TextContent]: """Handle git command""" repo = args.get("repo") branch = args.get("branch") git_args = args.get("args", "") if not git_args: raise ValueError("git command requires arguments") # Validate arguments validate_git_args(git_args) # Build command cmd = ["git"] + shlex.split(git_args) # Execute in appropriate worktree with locking result = await self.execute_in_worktree(repo, branch, cmd) return [TextContent(type="text", text=result)]
  • src/server.py:348-371 (registration)
    Registration of the 'git' tool in the MCP server, including its description and input schema defining required 'repo' and 'args' parameters, and optional 'branch'.
    Tool( name="git", description="Run git commands in a repository. " "Limited to safe operations: status, log, checkout, pull, branch, diff, fetch, reset, show. " "If branch is specified, creates/uses a hidden worktree (.repo@branch) for isolation.", inputSchema={ "type": "object", "properties": { "args": { "type": "string", "description": "Git command and arguments (e.g., 'status', 'checkout main', 'pull origin main')" }, "repo": { "type": "string", "description": "Repository name (required)" }, "branch": { "type": "string", "description": "Git branch name (optional). If provided, uses isolated worktree." } }, "required": ["args", "repo"] } ),
  • src/server.py:353-370 (schema)
    Input schema for the 'git' tool specifying the JSON structure expected: object with 'args' (string, required), 'repo' (string, required), 'branch' (string, optional).
    inputSchema={ "type": "object", "properties": { "args": { "type": "string", "description": "Git command and arguments (e.g., 'status', 'checkout main', 'pull origin main')" }, "repo": { "type": "string", "description": "Repository name (required)" }, "branch": { "type": "string", "description": "Git branch name (optional). If provided, uses isolated worktree." } }, "required": ["args", "repo"] }
  • src/validators.py:14-16 (helper)
    Set of allowed git subcommands that the git tool can execute, used by the validator to restrict to safe operations.
    ALLOWED_GIT_COMMANDS = { "status", "log", "checkout", "pull", "branch", "diff", "fetch", "reset", "show" }
  • src/validators.py:71-117 (helper)
    Helper function to validate git arguments: checks for dangerous shell patterns (like ; | &), ensures subcommand is in allowed list, and blocks force options on checkout/pull.
    def validate_git_args(args: str) -> None: """ Validate git command arguments Only allows safe read-only and branch operations: - status, log, branch, diff, show (read-only) - checkout, pull, fetch (branch operations) Args: args: Git command arguments Raises: ValueError: If arguments contain dangerous patterns or disallowed commands """ if not args: raise ValueError("Git command requires arguments") # Check for dangerous patterns if contains_dangerous_pattern(args): raise ValueError(f"Git arguments contain dangerous patterns: {args}") # Extract the git subcommand (first word) parts = args.strip().split() if not parts: raise ValueError("Empty git command") subcommand = parts[0].lower() # Check if subcommand is allowed if subcommand not in ALLOWED_GIT_COMMANDS: raise ValueError( f"Git subcommand '{subcommand}' not allowed. " f"Allowed commands: {', '.join(sorted(ALLOWED_GIT_COMMANDS))}" ) # Additional checks for specific commands if subcommand == "checkout": # Block checkout with -f (force) or -b with remote paths if "-f" in parts or "--force" in parts: raise ValueError("Force checkout not allowed") if subcommand == "pull": # Block force pull if "-f" in parts or "--force" in parts: raise ValueError("Force pull not allowed")

This server cannot be installed

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jbroll/mcp-build'

If you have feedback or need assistance with the MCP directory API, please join our Discord server