Schema | AnB-MCP

AnB-MCP

Overview Schema Related Servers Score Discussions

Server Configuration

Describes the environment variables required to run the server.

Name	Required	Description	Default
`ANB_MCP_ALICE_DIR`	No	Path to the Alice directory for the MCP identity	~/.anb/alice-mcp

Capabilities

Features and capabilities supported by this server

Capability	Details
`tools`	{ "listChanged": true }
`logging`	{}

Tools

Functions exposed to the LLM to take actions

Name	Description
anb_execA	Run an operator-allowlisted command with named secrets injected into the child process's environment. SIDE EFFECT: spawns a real subprocess — default-deny, only commands matching a scope=mcp allowlist rule run, everything else is refused. NOT idempotent (effects depend on the command). Requires an enrolled identity and a reachable, unlocked Bob to resolve agent-vault:key placeholders. Returns the exit code plus REDACTED stdout/stderr; the raw secret is never returned even if the child prints it. A denied or failed command returns a non-zero exit_code with the reason in stderr_redacted.
anb_listA	List the secret key names and metadata this identity may reference — never the values. Read-only and idempotent, no side effects. Requires an enrolled identity and a reachable, unlocked Bob KMS daemon; errors if Bob is unreachable/locked or the identity is unauthorized. Use this to discover which agent-vault:key names exist before referencing them in anb_exec or anb_render_to_file.
anb_redactA	Scrub text: replace known secret values and high-entropy tokens with agent-vault:key placeholders. Read-only, idempotent, no side effects, and needs no Bob connection. Fail-safe by design — may over-redact, never under-redact. Use before logging or returning any text that might contain a secret.
anb_render_to_fileA	Render a template containing agent-vault:key placeholders and write the resolved file (mode 0600) under the confined render dir. SIDE EFFECT: writes a file to disk (overwrites if the path exists). Requires an enrolled identity and a reachable, unlocked Bob to resolve placeholders. Returns the written path, NEVER the resolved content — the caller never sees the secret values. out_path is relative to the render dir; absolute paths and .. traversal are rejected.
anb_statusA	Read-only self-check: reports enrollment, client-cert presence, Bob reachability and unlock state, identity, server name, and idle-TTL. No side effects, idempotent, returns NO secret values. Call this first to confirm the vault is ready before anb_list/anb_exec/anb_render_to_file; on failure the error field explains why (e.g. Bob unreachable or locked).

Prompts

Interactive templates invoked by user choice

Name	Description
No prompts

Resources

Contextual data attached and managed by the client

Name	Description
No resources

Server Configuration
Capabilities
Tools
Prompts
Resources

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/kaka-milan-22/AnB_MCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server