Gitlab MCP Server

Overview Schema Related Servers Score Discussions

Tag

gitlab_tag

Destructive

Create, list, delete, and protect Git tags in a project. Unprotect tag patterns and verify GPG signatures. Intended for tag management, not releases or branches.

Instructions

Example: {"action":"create","params":{...}} For the params schema of any action, read the MCP resource gitlab://schema/meta/gitlab_tag/.

Manage Git tags and tag protections in a project, plus GPG signature inspection. Delete is destructive and also removes any release attached to the tag. When to use: create/list/delete tags, protect or unprotect tag patterns, verify a tag's GPG/X.509 signature. NOT for: releases (use gitlab_release — a release wraps a tag with notes/assets), branches (use gitlab_branch), repository file/commit operations (use gitlab_repository).

Returns:

list / list_protected: array of {name, target, message, protected, ...} with pagination.
get / create / get_protected / protect: tag or protection object.
get_signature: {signature_type, gpg_key_id, verification_status, ...} or X.509 equivalent.
delete / unprotect: {success: bool, message: string}. Errors: 404 not found, 403 forbidden (hint: requires Maintainer+ to protect/unprotect), 400 invalid params (hint: tag name must not exist for create).

Param conventions: * = required. All actions need project_id*. Access levels: 0 = no one, 30 = Developer, 40 = Maintainer.

create: project_id*, tag_name*, ref* (branch/tag/SHA), message (annotated tag if non-empty)
get / delete: project_id*, tag_name*
list: project_id*, search, order_by (name/updated/version), sort (asc/desc)
get_signature: project_id*, tag_name*
list_protected: project_id*
get_protected / unprotect: project_id*, tag_name*
protect: project_id*, tag_name* (literal or wildcard e.g. 'v*'), create_access_level (0/30/40), allowed_to_create (array of {user_id|group_id|deploy_key_id|access_level})

See also: gitlab_release (releases use tags as anchors), gitlab_repository (commits referenced by tags), gitlab_branch (branches).

Input Schema

TableJSON Schema

Name	Required	Description	Default
`action`	Yes	Action to perform. Pick exactly one of the values in `enum`. Each action expects its own `params` object — see the tool description for the per-action parameter list.
`params`	No	Action-specific parameters as a JSON object. Required and optional fields differ per action; consult this tool's description for the chosen action. Send only the fields documented for that action — unknown keys are rejected with a validation error (only reserved meta keys like `confirm` are stripped before validation). For the JSON Schema of a specific action's `params`, read the MCP resource `gitlab://schema/meta/{tool}/{action}` (replace placeholders with the tool name and the chosen action).

Output Schema

TableJSON Schema

Name	Required	Description	Default
`next_steps`	No	Optional. Suggested follow-up actions or tool calls for the LLM, contextual to the result.
`pagination`	No	Present on list actions. Use `has_more` and `next_page` to paginate through results.

Tool Definition Quality

A4.8/5.0

Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations include destructiveHint=true and openWorldHint=true. The description adds that delete also removes attached releases, details error codes (404, 403, 400) with hints, and per-action return shapes. No contradictions with annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Well-structured with example, purpose, usage guidelines, returns, errors, param conventions, per-action details, and see also. Front-loaded but somewhat verbose; could be slightly more concise without losing information.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (9 actions, nested params, authentication, errors), the description covers all aspects: purpose, usage, param details per action, error handling, access levels, return shapes, and links to related tools. Output schema exists, but description also provides return value formats.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% with descriptions for action and params. Description adds per-action parameter lists, required/optional markers, constraints (e.g., 'tag name must not exist for create'), access level defaults, and wildcard support for protect, going well beyond schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool manages tags, tag protections, and GPG signature inspection. It explicitly distinguishes from siblings like gitlab_release, gitlab_branch, and gitlab_repository, and lists specific actions (create/list/delete tags, protect/unprotect, verify signatures).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines5/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Provides explicit when-to-use: 'create/list/delete tags, protect or unprotect tag patterns, verify a tag's GPG/X.509 signature.' Also gives clear NOT-for with specific tool alternatives and hints like 'requires Maintainer+ to protect/unprotect'.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jmrplens/gitlab-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

Tag