GauntletCI logoGauntletCI

Extensions - MCP Server

MCP Server

The GauntletCI MCP server gives your AI coding assistant direct access to behavioral change risk analysis. Ask Claude, Copilot, or Cursor to check your current commit for risks - the assistant calls GauntletCI locally and explains the findings in context with your question.

Built-in MCP server (recommended)

The GauntletCI CLI ships a stdio MCP server today. No separate Node repository is required:

$ gauntletci mcp serve

Point your MCP client at that command (stdio). Requires a Pro license for MCP features. Exposes analyze_staged, analyze_diff, analyze_commit, list_rules, and audit_stats.

Optional: npm wrapper (coming soon)

The standalone GauntletCI-MCP Node repository is an optional wrapper for npm distribution. Use gauntletci mcp serve until @ericcogen/gauntletci-mcp is published.

How it works

The Model Context Protocol is an open standard that lets AI assistants call external tools. The GauntletCI MCP server is a local Node.js process that listens on stdin/stdout. When your assistant calls an analysis tool such as analyze_staged or analyze_commit, the server runs the local GauntletCI CLI and returns findings as structured JSON.

AI Assistant

Claude / Copilot / Cursor

--

MCP (stdio)

--

gauntletci-mcp

Node.js (local)

--

CLI spawn

--

GauntletCI CLI

.NET tool (local)

All processing is local. No code or diff content leaves your machine.

Prerequisites

  • +Node.js 20 or later
  • +GauntletCI CLI: dotnet tool install -g GauntletCI
  • +An MCP-compatible AI assistant (Claude Desktop, Copilot, or Cursor)

Build the MCP server from source

Until the npm package is published, clone the public source repository and run the built server with node dist/index.js.

$ git clone https://github.com/EricCogen/GauntletCI-MCP

$ cd GauntletCI-MCP && npm install && npm run build

Setup: Claude Desktop

Add the server to your Claude Desktop config file. On macOS the file is at ~/Library/Application Support/Claude/claude_desktop_config.json. On Windows it is at %APPDATA%\Claude\claude_desktop_config.json.

{
  "mcpServers": {
    "gauntletci": {
      "command": "node",
      "args": ["/path/to/GauntletCI-MCP/dist/index.js"]
    }
  }
}

Replace /path/to/GauntletCI-MCP/dist/index.js with the absolute path to the built server. Restart Claude Desktop after saving.

Setup: GitHub Copilot (VS Code)

Create or update .vscode/mcp.json in your workspace. This scopes the server to projects that use it.

{
  "servers": {
    "gauntletci": {
      "type": "stdio",
      "command": "node",
      "args": ["/path/to/GauntletCI-MCP/dist/index.js"]
    }
  }
}

Setup: Cursor

In Cursor, open Settings > MCP and add the server configuration, or add it directly to ~/.cursor/mcp.json:

{
  "mcpServers": {
    "gauntletci": {
      "command": "node",
      "args": ["/path/to/GauntletCI-MCP/dist/index.js"]
    }
  }
}

Available tools

ToolDescriptionParameters
analyze_stagedAnalyze staged changes in a git repository (pre-commit workflow).repo (optional, defaults to cwd)
analyze_diffAnalyze a raw unified diff string.diff (required)
analyze_commitAnalyze a specific git commit in a repository.repo (required), commit (required)
list_rulesReturn all available GauntletCI rules with id and name.none
audit_statsReturn aggregate scan statistics from the local audit log.none

Start the built-in MCP server with gauntletci mcp serve. Pass --ollama-model (and optionally --ollama-url) to enable LLM enrichment of high-confidence findings via a local or remote Ollama endpoint. Without --ollama-model, analysis is deterministic rules-only.

Example prompts

Once the MCP server is connected, you can ask your AI assistant directly about your commit. The assistant calls GauntletCI, parses the results, and responds in natural language.

You

Run GauntletCI on the repo at /Users/eric/projects/myapp and tell me what risks it found.

AI Assistant

I ran GauntletCI on the current HEAD commit. It found 3 issues: [Warn] GCI0001 — Diff contains mixed scope (code and docs changed together). [Block] GCI0003 — 2 method signatures changed (incompatible) in OrderService.cs. [Warn] GCI0004 — [Obsolete] added on GetOrder; verify migration message and callers.

You

Can you explain why the GCI0003 finding is a problem?

AI Assistant

GCI0003 fires when a method now throws a new exception type that no existing call sites are prepared to catch. In this case, PaymentService.ProcessPayment now throws InvalidOperationException under a condition that didn't exist before. If callers swallow all exceptions or only catch specific types, this new exception will propagate up as an unhandled crash at runtime - even if all existing tests pass, because the tests exercise the happy path that doesn't trigger the new branch.

Suggested prompts

"Are there any block-level risks in my current commit?"
"Get the GauntletCI SARIF report for this repo and summarize the top issues."
"Run GauntletCI in strict mode and explain any findings related to async code."
"What does finding GCI0003 mean and how do I fix it?"

Related

All integrations · GitHub Action · Pre-commit hook