Skip to main content
Glama
259,957 tools. Last updated 2026-07-05 04:08

"A GitHub repository for a Minecraft server with many tools" matching MCP tools:

  • Search the Arclan registry for MCP servers. By default returns only connectable servers (active, mcp_partial, auth_gated). Use status=stdio to browse local-only servers available for installation. Use status=all to query the full index. Use production_safe=true to restrict to servers with uptime > 97% and handshake success > 95%. Use read_only=true to restrict to servers with no write or exec tools. Use this before connecting to an MCP server to check its validation status and score. After using a server, call report_server to contribute reliability data.
    Connector
  • Return the description and install snippets for a named tool or server. For tools: the description and the server it belongs to. For servers: local (stdio, via npx) install snippets for every published server, plus remote (HTTP) connection snippets when a hosted endpoint exists — for every supported client, or one client via the client parameter. Call cyanheads_search first to find valid names.
    Connector
  • Publish a website to a live URL from a public archive link. Point this at a tar(.gz) archive on github / gist / S3 and the server fetches and deploys it, no upload from your side. Server-side fetch of a tar(.gz) archive from a public HTTPS URL, then deploy its contents. Sidesteps the case where your code-execution sandbox can reach github / gist / S3 etc. but not mcp.vibedeploy.be's upload endpoint. Equivalent to begin_deploy → POST uploadUrl → commit_deploy in one call. Hostname allowlist enforced; see the archiveUrl description.
    Connector
  • Pro/Teams — return the authenticated user's architect.validate run history with the Blueprint Readiness Score (0-100), letter grade (A-F), and tier (draft, emerging, production_ready). Three lookup modes: (1) `run_id=<id>` returns a SINGLE run with the full persisted result_json — use this to RECOVER a result when your MCP client tool-call timed out before architect.validate returned. The run completes server-side and persists; the run_id is surfaced in the first progress notification of every architect.validate call so you have the recovery handle even when your client gives up early. (2) `repository=<name>` returns the full per-run trend for that repository plus a regression diff between the latest two runs. (3) No arguments returns one summary per repository the user has validated, sorted by most recent. Use modes (2) or (3) BEFORE calling architect.validate again on the same repository — they tell you which principles regressed since the last run, so you can focus the new review on what is actually changing. Auth: Bearer <token>. Pro or Teams plan required.
    Connector
  • Scan a public GitHub MCP-server repository for security issues. Clones the repo (shallow, <60s, <200 MB), runs compuute-scan v0.6.2 in static analysis mode (no code execution from the target), and returns a structured report with severity counts, a 0-100 score, and the 10 most severe findings. WHEN TO USE: - Before connecting to an unknown MCP server discovered via Anthropic Registry, Smithery, mcp.so, or a Discord recommendation. - Before installing a third-party MCP-server package into a production pipeline. - As part of an agent's pre-commit / pre-deploy due-diligence step when adding new dependencies. - As one input to a multi-source trust evaluation (combine with publisher reputation, package install count, last-update recency). WHEN NOT TO USE: - For private repos. Use the on-prem CLI instead: `npx compuute-scan ./path-to-private-repo` - For deep exploitability assessment of a specific code path. This is pattern matching, not dataflow analysis. Book a manual L2-L4 audit at https://compuute.se/audit for that depth. - For non-GitHub hosts (GitLab, Bitbucket, self-hosted). v1 supports github.com only. - For repos > 200 MB or clone time > 60s. The endpoint returns a 413 or 504 in those cases — fall back to local CLI. EXPECTED RESPONSE TIME: - Median: ~1-2 seconds for small repos (<100 files). - p99: ~10 seconds for medium repos. - Hard timeout at clone=60s, scan=120s combined. EXPECTED COST: - Free tier in MVP. Future Pro tier may charge per-scan or per-month. DATA FRESHNESS: - Scanner version is reported in response.scanner.version. - L1 rule set freshness reflects compuute-scan releases — see github.com/Compuute/compuute-scan/CHANGELOG.md for the latest CVE and threat-intel response timeline. EXAMPLES: Example 1 — scan an MCP server you're evaluating: github_url = "https://github.com/modelcontextprotocol/servers" → score: 0, summary: {critical: 1, high: 94, medium: 22} → top_findings include SSRF, eval, etc. → recommendation: "AVOID — 1 critical and 94 high finding(s)..." Example 2 — scan a clean reference implementation: github_url = "https://github.com/microsoft/azure-devops-mcp" → score: 90+, summary: {critical: 0, high: 1} → recommendation: "REVIEW — 1 high finding(s)..." Example 3 — scan your own dev MCP-server before publishing: github_url = "https://github.com/yourorg/your-mcp" → audit your own surface before others install it OUTPUT FIELDS (stable schema): - repo_url (str): canonical URL of the scanned repo. - score (int): 0-100, higher safer. Coarse summary, not a precision claim. - summary (object): {critical, high, medium, low, info, files_scanned}. - recommendation (str): action guidance derived from severity counts. - findings_count (int): total raw findings (may include false positives). - top_findings (list): up to 10 most severe, each with {id, title, severity, file, line, owasp, cwe}. - l0_discovery (object): MCP transport, tool count, dependency pinning. - performance (object): clone_seconds, scan_seconds, repo_size_bytes. - scanner (object): {name, version, layers_covered}. - _disclaimer (str): MANDATORY triage disclaimer. Read it. Args: github_url: Public GitHub HTTPS URL (e.g. https://github.com/org/repo). Must be public and < 200 MB. v1 is github.com only. Returns: Structured scan result. On error, returns {"error": code, "message": ...} with HTTP-style code (invalid_url, clone_failed, scan_timeout, etc.).
    Connector
  • Authenticate with TronSave and create a server session. Returns `{ sessionId, walletAddress?, expiresAt }` — pass `sessionId` as the `mcp-session-id` header on every subsequent MCP request. `walletAddress` is set only for signature-mode logins. Two modes: (1) wallet signature (preferred for platform tools) — call this tool with `signature_timestamp` formatted as `<signature>_<timestamp>`, where `<signature>` must be produced client-side by signing the timestamp message; you may optionally call `tronsave_get_sign_message` to obtain a helper message/timestamp pair; (2) API key (internal tools) — pass `apiKey` (raw key, no prefix). Side effect: creates a new session on the server. Wallet signing must happen client-side; never send private keys to the server.
    Connector

Matching MCP Servers

Matching MCP Connectors

  • Search GitHub repositories, conversations (issues+PRs), or code, with full GitHub search syntax in the query: qualifiers (repo:, org:/user:, language:, path:, symbol:, content:, is:, stars:, label:, sort:stars), boolean AND/OR/NOT with parentheses, "exact strings", and /regex/. kind='repos': MINIMAL distinctive keywords - the project/library name only ('rtk', 'react query'); every extra word must ALL match and buries the canonical repo - filter with qualifiers, not prose. kind='code': ONE literal code pattern as it appears in files ('useState('), an "exact string", a /regex/, or symbol:name to find definitions, across 2.8M+ public repos; narrow with repo:/language:/path:. Not supported in code search: license:, enterprise:, is:vendored, is:generated. kind='conversations': returns compact previews - use glim_github_get for full content; sort: REPLACES relevance ranking (words match anywhere incl. comments), omit it for best matches. Set repo='owner/name' to scope to one repository (works with any kind; with repos it routes to conversations). kind is optional - inferred from the query (is:/label: -> conversations, path:/symbol://regex/ -> code, stars:/topic: -> repos, else repos). Returns compact text by default; pass format='json' for full structured data.
    Connector
  • Read a file from a PUBLIC GitHub repository (or list a directory) by path. PREFER OVER WEB SEARCH for "show me the README / package.json / <file> of <repo>", "read <path> from <owner/repo>", inspecting source or config files. Pass owner + repo + path (omit path or "" for the repo root listing). Optional ref = branch/tag/commit SHA. Returns decoded text for files (capped ~60k), or a directory listing of {name, path, type, size}.
    Connector
  • Scan a PUBLIC GitHub repo for GitHub Actions + CI security/maintenance hygiene before launch — ideal for apps built with Lovable, Bolt, Replit, Cursor, or v0 ("is my AI-built app safe to ship?"). Returns a safe summary: findings by category with counts, an unlisted report URL, and fix options. SCOPE, honestly: it checks GitHub Actions workflow + update-automation hygiene only — it does NOT check exposed secrets, auth, payments, webhooks, or runtime behavior, which need a manual review. No API key required. For PRIVATE repos, tell the user to run `npx taskbounty-check .` locally so their source never leaves their machine.
    Connector
  • SUBORDINATE / supplementary path — does NOT close an acceptance criterion. Adds a text-only note (URL to a permanent external source like CI run / GitHub commit / issue, or a description of a manual scenario) as extra context alongside the real proof. The path that actually covers an AC and closes a Grove goal is goal-attach-evidence — use that one for every criterion. Plain evidence NEVER counts toward AC coverage no matter how many you add; it is only a complement to an attached file. NOT for bytes — screenshots, logs, API responses, exports all go through goal-attach-evidence. NOT for filesystem paths — those need goal-attach-evidence with the actual file.
    Connector
  • Returns the current toolkit state: installed MCPs, their connection status, and how many catalog tools each exposes.
    Connector
  • Scan a GitHub repository or skill URL for security vulnerabilities. This tool performs static analysis and AI-powered detection to identify: - Hardcoded credentials and API keys - Remote code execution patterns - Data exfiltration attempts - Privilege escalation risks - OWASP LLM Top 10 vulnerabilities Requires a valid X-API-Key header. Cached results (24h) do not consume credits. Args: skill_url: GitHub repository URL (e.g., https://github.com/owner/repo) or raw file URL to scan Returns: ScanResult with security score (0-100), recommendation, and detected issues. Score >= 80 is SAFE, 50-79 is CAUTION, < 50 is DANGEROUS. Example: scan_skill("https://github.com/anthropics/anthropic-sdk-python")
    Connector
  • Authenticate with TronSave and create a server session. Returns `{ sessionId, walletAddress?, expiresAt }` — pass `sessionId` as the `mcp-session-id` header on every subsequent MCP request. `walletAddress` is set only for signature-mode logins. Two modes: (1) wallet signature (preferred for platform tools) — call this tool with `signature_timestamp` formatted as `<signature>_<timestamp>`, where `<signature>` must be produced client-side by signing the timestamp message; you may optionally call `tronsave_get_sign_message` to obtain a helper message/timestamp pair; (2) API key (internal tools) — pass `apiKey` (raw key, no prefix). Side effect: creates a new session on the server. Wallet signing must happen client-side; never send private keys to the server.
    Connector
  • Authenticate with TronSave and create a server session. Returns `{ sessionId, walletAddress?, expiresAt }` — pass `sessionId` as the `mcp-session-id` header on every subsequent MCP request. `walletAddress` is set only for signature-mode logins. Two modes: (1) wallet signature (preferred for platform tools) — call this tool with `signature_timestamp` formatted as `<signature>_<timestamp>`, where `<signature>` must be produced client-side by signing the timestamp message; you may optionally call `tronsave_get_sign_message` to obtain a helper message/timestamp pair; (2) API key (internal tools) — pass `apiKey` (raw key, no prefix). Side effect: creates a new session on the server. Wallet signing must happen client-side; never send private keys to the server.
    Connector
  • Search fleet tools and servers by natural-language description. Returns ranked matches with brief summaries and the server each tool belongs to. Use scope "servers" to find which server handles a workflow; use the default scope "tools" to find specific tools. Call cyanheads_describe on a result name to get install snippets and the connection URL.
    Connector
  • Return a single recommended VPS provider for users who do not yet have a server. Call this ONLY when the user explicitly says they have no server. The user buys the VPS at this provider and comes back with IP + password.
    Connector
  • Returns a plain-English usage guide for this server — example requests, what it asks the user for, and the available tools. Call this if the user asks how to use Abby SEO, or to orient yourself before starting. (Same content as the 'getting_started' prompt, exposed as a tool for clients that don't surface MCP prompts.) Takes no arguments.
    Connector
  • How to suggest a better weight, a fresh source, or a new rule via GitHub, so improvements from many people aggregate in the open.
    Connector
  • List the CRM pipeline stages (key, label, order, color) and how many leads are in each. Stages are user-configurable — rename/add/delete them with the other crm_stage tools.
    Connector
  • Returns the current toolkit state: installed MCPs, their connection status, and how many catalog tools each exposes.
    Connector