Skip to content

Tools Overview

GitLab MCP Server exposes GitLab operations as MCP tools that AI assistants can invoke directly. It offers three tool modes — dynamic, meta-tool, and individual — that expose the same GitLab API surface with different packaging, so you can trade LLM context cost for tool-list granularity without losing any capability.

All three modes are projected from one canonical action catalog, so they share identical handlers, typed schemas, and safety behavior. They differ only in how operations are presented to the assistant: dynamic mode searches and executes canonical domain.action IDs, meta-tool mode groups actions by domain, and individual mode registers one tool per operation.

Choose the mode that matches how your MCP client discovers tools and how much context budget you can spend on the tool list. Dynamic mode is the default and the right choice for most assistants, because it keeps only two tools in the model’s context while still reaching every GitLab operation. Step up to meta-tool mode when your client works better with a fixed, domain-level tool list, and use individual mode only when a client needs every operation enumerated up front.

ModePublic tools exposedBest forRelative token cost
Dynamic (default)2 — gitlab_find_action, gitlab_execute_actionMost assistants; lowest context overheadLowest
Meta-tool32 base domain tools (more with Enterprise)A fixed, discoverable, domain-level tool listMedium
Individual847–1071 toolsClients that need every operation pre-listedHighest

Set the mode with the TOOL_SURFACE environment variable (dynamic, meta, or individual). Dynamic mode is used when TOOL_SURFACE is unset.

Individual mode registers one MCP tool per GitLab operation: 847 tools for CE, 1065 tools for self-managed Enterprise/Premium, or 1071 tools on GitLab.com Enterprise/Premium when Orbit is available. This gives an AI assistant maximum granularity — every operation is a distinct, individually described tool — at the cost of significant context tokens spent listing and disambiguating tools during discovery.

Meta-tool mode (TOOL_SURFACE=meta) consolidates related operations into domain-level meta-tools. Each meta-tool accepts an action parameter that routes to the appropriate handler, reducing the tool count to 32 base meta-tools, 49 on self-managed Enterprise/Premium, or 50 on GitLab.com Enterprise/Premium when Orbit is available. This dramatically improves token efficiency over individual mode while keeping a fixed, browsable tool list.

{
"tool": "gitlab_issue",
"arguments": {
"action": "create",
"project": "my-group/my-project",
"title": "Fix login redirect",
"description": "Users are redirected to 404 after login",
"labels": "bug,priority::high"
}
}

Dynamic mode (TOOL_SURFACE=dynamic) is the low-token default. It exposes only two public tools — gitlab_find_action and gitlab_execute_action (the singular gitlab_execute_action name is intentional) — while keeping every GitLab action reachable through the canonical catalog. The assistant first finds an action and its exact schema, then executes the canonical domain.action ID.

flowchart LR
	A[Find action and schema] --> B[Execute domain.action]
	B --> C[Existing GitLab handler]

Because meta-tools and dynamic mode share the canonical action catalog, safety behavior stays consistent across both modes: read-only filtering, safe-mode previews, token-scope filtering, destructive-action confirmations, schemas, and result formatting are identical.

All tools follow a consistent naming pattern:

  • Individual tools: gitlab_{action}_{resource} (e.g., gitlab_create_issue, gitlab_list_projects)
  • Meta-tools: gitlab_{domain} (e.g., gitlab_issue, gitlab_project)
  • Dynamic actions: canonical domain.action IDs executed through gitlab_execute_action (e.g., issue.create, merge_request.list)
Meta-toolDescriptionKey Actions
gitlab_projectProject CRUD, configuration, hooks, labels, milestones, members, badges, access tokens, todo, upload, and morelist, get, create, update, delete, fork, star, archive, label_*, milestone_*, members, badge_*, upload
gitlab_issueIssue lifecycle, notes, discussions, links, work items (including work item types), time tracking, award emoji, and resource eventslist, get, create, update, delete, note_*, link_*, discussion_*, work_item_*, time_*
gitlab_groupGroup CRUD, subgroups, members, badges, hooks, labels, milestones, transfer, and descendant projectslist, get, create, update, delete, label_*, milestone_*, member_*, badge_*, hook_*
gitlab_userUser information, status, SSH keys, GPG keys, emails, activity, preferences, and instance service accounts (Enterprise)get, current, list, ssh_key_*, gpg_key_*, email_*, status_*, service_account_*
gitlab_wikiWiki page management and attachmentslist, get, create, update, delete, upload_attachment
Meta-toolDescriptionKey Actions
gitlab_branchBranch management and protection rules (including branch rule queries via GraphQL)list, get, create, delete, protect, unprotect, branch_rule_*
gitlab_tagTag management and protection rules with GPG signature verificationlist, get, create, delete, protect, unprotect
gitlab_releaseRelease management and release asset linkslist, get, create, update, delete, link_*
gitlab_repositoryRepository tree, files, commits, diffs, blame, compare (including cross-project), cherry-pick, revert, contributors, archives, changelogs, markdowntree, file_*, commit_*, compare, blame, archive, changelog, submodule_*, discussion_*
gitlab_merge_requestMR lifecycle, approvals, approval rules, time tracking, subscriptions, context commits, award emoji, and resource eventslist, get, create, update, merge, rebase, approve, approval_*, time_*, event_*
Meta-toolDescriptionKey Actions
gitlab_mr_reviewMR notes, threaded discussions, code diffs, draft notes, and diff versionsnote_*, discussion_*, diff_*, draft_*, version_*
Meta-toolDescriptionKey Actions
gitlab_pipelinePipeline management, resource groups, test reports, trigger tokens, pipeline bridges, and pipeline scheduleslist, get, create, cancel, retry, delete, wait, schedule_*, trigger_*
gitlab_jobCI job management, artifacts, logs, and Kubernetes agents (force cancel supported)list, get, play, cancel, retry, erase, trace, artifacts, wait, k8s_*
gitlab_runnerCI/CD runner management, runner controllers, controller scopes, and controller tokenslist, get, update, remove, jobs, controller_*, register, verify
gitlab_ci_variableCI/CD variables at instance, group, and project scopelist, get, create, update, delete (at each scope level)
gitlab_environmentEnvironment management, protected environments, deployment freeze periods, and deployment recordslist, get, create, update, delete, stop, deployment_*, freeze_*
Meta-toolDescriptionKey Actions
gitlab_searchCross-resource search across projects, groups, and global scopecode, issues, merge_requests, commits, milestones, notes, projects, snippets, users, wiki
Meta-toolDescriptionKey Actions
gitlab_accessDeploy keys, deploy tokens, project access tokens, group access tokens, and access requestsdeploy_key_*, deploy_token_*, project_token_*, group_token_*
gitlab_adminInstance administration: Sidekiq, settings, license, broadcast messages, hooks, PATs, and moresidekiq_*, setting_*, license_*, broadcast_*, hook_*, pat_*
Meta-toolDescriptionKey Actions
gitlab_packagePackage registry management and generic package file upload/downloadlist, get, delete, upload, download, protection_rule_*
gitlab_snippetProject and personal snippets with discussions, notes, and award emojilist, get, create, update, delete, discussion_*, note_*
gitlab_templateProject templates (gitignores, CI YAML, Dockerfiles, licenses) and CI lintinggitignore_*, ci_*, dockerfile_*, license_*, lint
Meta-toolDescriptionKey Actions
gitlab_feature_flagsFeature flag and feature flag user list managementlist, get, create, update, delete, user_list_*
gitlab_model_registryML model package file download from GitLab Model Registrydownload
gitlab_ci_catalogCI/CD Catalog resource discovery (reusable components, templates)list, get
gitlab_custom_emojiGroup-level custom emoji management via GraphQLlist, get, create, delete
gitlab_resolve_projectResolve Git remote URLs to GitLab project IDsresolve

When the Enterprise/Premium catalog is enabled, the server registers 16 additional self-managed meta-tools for GitLab Premium and Ultimate features:

gitlab_merge_train, gitlab_audit_event, gitlab_dora_metrics, gitlab_dependency, gitlab_external_status_check, gitlab_group_scim, gitlab_member_role, gitlab_enterprise_user, gitlab_attestation, gitlab_compliance_policy, gitlab_project_alias, gitlab_geo, gitlab_vulnerability, gitlab_security_attribute, gitlab_security_category, gitlab_security_finding

On GitLab.com Enterprise/Premium, the catalog also registers gitlab_orbit with six read-only Knowledge Graph actions: status, schema, tools, dsl, query, and graph_status.

What is the difference between meta-tool mode and dynamic mode?

Section titled “What is the difference between meta-tool mode and dynamic mode?”

Both meta-tool and dynamic mode reduce token cost compared with individual mode, but they package operations differently. Meta-tool mode exposes a fixed list of 32 domain-level tools, each routing on an action parameter — useful when a client works best with a stable, browsable tool list. Dynamic mode exposes only two tools and resolves operations on demand through search, giving the smallest possible tool list. Both share the same handlers and safety behavior.

Do all modes support the same GitLab operations?

Section titled “Do all modes support the same GitLab operations?”

Yes. Dynamic, meta-tool, and individual modes are all projected from one canonical action catalog, so they cover the same GitLab REST and GraphQL operations. They differ only in packaging, not capability. Read-only filtering, safe-mode previews, destructive-action confirmations, token-scope filtering, and result formatting behave identically regardless of the mode you choose.

Individual mode exposes 847 tools on CE, 1065 on self-managed Enterprise/Premium, and 1071 on GitLab.com when Orbit is available. Meta-tool mode exposes 32 base domain tools (more with the Enterprise catalog). Dynamic mode always exposes exactly two public tools, regardless of how many GitLab operations are available.

Do Enterprise tools require a paid GitLab license?

Section titled “Do Enterprise tools require a paid GitLab license?”

Yes. Enterprise meta-tools — such as merge trains, DORA metrics, vulnerabilities, and compliance policies — require a GitLab Premium or Ultimate license on the connected instance. Forcing the Enterprise catalog on a Community Edition instance registers the tools, but the underlying API calls return permission errors because the features are not licensed.