Skip to content

MCP Tools Reference

All tools are exposed by the fleet mcp server. Parameters marked required must be provided; all others are optional.

Each tool has a tier that controls access under the privilege-separated daemon. The tier is shown next to each tool name: read and mutate are allowed by default; destructive and secret are denied by default and require an operator opt-in in /etc/fleet/mcp-policy.json. See MCP Setup for the full tier model.


Fleet Management

fleet_status

Dashboard data for all apps: systemd state, containers, health.

No parameters.


fleet_list

List all registered apps with their configuration.

No parameters.


fleet_start

Start an app via systemctl.

ParameterTypeRequiredDescription
appstringYesApp name

fleet_stop

Stop an app via systemctl.

ParameterTypeRequiredDescription
appstringYesApp name

fleet_restart

Restart an app via systemctl.

ParameterTypeRequiredDescription
appstringYesApp name

fleet_logs (deprecated)

Get recent container logs. Marked deprecated in favour of the four token-conservative tools below — kept for backwards compatibility.

ParameterTypeRequiredDescription
appstringYesApp name
linesnumberNoNumber of log lines (default: 100)

fleet_logs_summary

Aggregate counts by level + top 10 distinct error/warn messages over a window. Cheapest log tool — your first pass before fetching raw text.

ParameterTypeRequiredDescription
appstringYesApp name
containerstringNoContainer name (defaults to first)
sinceMinutesnumberNoWindow in minutes (default: 60)

fleet_logs_recent

Bounded tail with level / since / grep filters. Defaults are deliberately small.

ParameterTypeRequiredDescription
appstringYesApp name
containerstringNoContainer (defaults to first)
linesnumberNoTail N lines (default: 50)
levelenumNodebug / info / warn / error (default: warn)
sinceMinutesnumberNoLook back this many minutes (default: 15)
grepstringNoSubstring filter applied after level

Output capped at 200 KB; appends a hint when truncated.


Bounded grep across recent logs. Returns matching lines, capped at maxResults.

ParameterTypeRequiredDescription
appstringYesApp name
containerstringNoContainer (defaults to first)
querystringYesSubstring or regex
sinceMinutesnumberNoWindow in minutes (default: 60)
maxResultsnumberNoCap results (default: 20)

fleet_logs_status

Per-container driver, current size, and policy applied. Use to find apps still on docker defaults (unbounded).

ParameterTypeRequiredDescription
appstringNoApp name (omit for all)

fleet_egress_snapshot

Snapshot the current outbound TCP flows for an app and report which destinations aren’t on the configured allowlist. Observe-only — never blocks traffic.

ParameterTypeRequiredDescription
appstringYesApp name

Returns { takenAt, uniqueRemotes, violations, flowCount }.


fleet_health

Run health checks for one or all apps.

ParameterTypeRequiredDescription
appstringNoApp name. Omit for all apps.

fleet_deploy (destructive)

Build and restart an app (runs docker compose build then restarts the systemd service).

ParameterTypeRequiredDescription
appstringYesApp name

fleet_rollback (destructive)

Roll back an app to its previous deployed image.

ParameterTypeRequiredDescription
appstringYesApp name

fleet_register

Register a new app in the fleet registry.

ParameterTypeRequiredDescription
namestringYesApp name (kebab-case identifier)
composePathstringYesAbsolute path to docker-compose directory
displayNamestringNoHuman-friendly name
composeFilestringNoCustom compose filename
serviceNamestringNoSystemd service name
domainsstring[]NoDomain names (default: [])
portnumberNoBackend port
typeenumNoApp type: proxy, spa, nextjs, service (default: service)
containersstring[]NoContainer names (auto-detected if omitted)
usesSharedDbbooleanNoUses shared database (default: false)
dependsOnDatabasesbooleanNoDepends on docker-databases (default: false)

fleet_freeze

Freeze a crash-looping service: stop it, disable it, and mark it frozen in the registry.

ParameterTypeRequiredDescription
appstringYesApp name
reasonstringNoReason for freezing

fleet_unfreeze

Unfreeze a frozen service: clear frozen state, enable and start the service.

ParameterTypeRequiredDescription
appstringYesApp name

Nginx

fleet_nginx_add

Create an nginx config for a domain. Tests the config and reloads nginx if the test passes.

ParameterTypeRequiredDescription
domainstringYesDomain name
portnumberYesBackend port (must be 1024–65535, not a reserved DB port)
typeenumNoproxy, spa, or nextjs (default: proxy)

fleet_nginx_list

List all nginx site configs.

No parameters.


Secrets

fleet_secrets_status

Show vault initialisation state, sealed/unsealed status, and key counts.

No parameters.


fleet_secrets_list

List managed secrets for an app (masked values). Shows vault contents.

ParameterTypeRequiredDescription
appstringNoApp name. Omit for all apps.

fleet_secrets_set

Set a single secret key/value for an app directly in the encrypted vault.

ParameterTypeRequiredDescription
appstringYesApp name
keystringYesSecret key name (e.g. DATABASE_URL)
valuestringYesSecret value

fleet_secrets_get (secret tier — deny-by-default)

Get a single decrypted secret value from the vault.

Access control: This tool is on the secret tier and is blocked by default under the privilege-separated daemon. It must be explicitly enabled in /etc/fleet/mcp-policy.json — for example, "fleet_secrets_get": "allow" or "fleet_secrets_get": { "apps": ["my-app"] }. This keeps it distinct from ordinary read tools so a compromised or unattended client cannot bulk-exfiltrate plaintext secrets within a normal read budget. The secret tier is rate-limited to 10 calls/min by default.

Returns the value stored in the encrypted vault, not the current runtime value. Use fleet_secrets_drift to check whether runtime differs from vault.

ParameterTypeRequiredDescription
appstringYesApp name
keystringYesSecret key name

fleet_secrets_unseal

Decrypt vault to /run/fleet-secrets/. Overwrites any runtime changes not yet sealed.

No parameters.


fleet_secrets_seal (mutate)

Seal runtime secrets back to the encrypted vault.

Important: If you modified environment variables at runtime (e.g. edited .env files in /run/fleet-secrets/), those changes will be lost on reboot unless you seal them back to the vault using this tool. Sealing re-encrypts the current runtime state into the vault so it persists across reboots.

An automatic backup of the existing vault file is created before sealing. Backups are named <file>.bak-<pid>-<timestamp>-<seq> so concurrent operations maintain distinct recovery points. If sealing fails the backup is restored automatically.

ParameterTypeRequiredDescription
appstringNoApp name. Omit to seal all apps.

fleet_secrets_drift

Detect drift between vault and runtime (/run/fleet-secrets/).

ParameterTypeRequiredDescription
appstringNoApp name. Omit to check all apps.

fleet_secrets_validate

Validate that compose secret references have matching entries in the vault.

ParameterTypeRequiredDescription
appstringNoApp name. Omit for all apps.

fleet_secrets_restore (mutate)

Restore vault from the most recent automatic backup. Backups are named <file>.bak-<pid>-<timestamp>-<seq> and the newest one is selected automatically.

ParameterTypeRequiredDescription
appstringYesApp name

Git

fleet_git_status

Git state for one or all apps: branch, clean/dirty, onboard status.

ParameterTypeRequiredDescription
appstringNoApp name. Omit for all apps.

fleet_git_onboard

Onboard an app to GitHub: create repo, push code, protect branches.

ParameterTypeRequiredDescription
appstringYesApp name
dryRunbooleanNoPreview without making changes (default: false)

fleet_git_branch

Create a feature branch from a base branch and push it.

ParameterTypeRequiredDescription
appstringYesApp name
branchstringYesNew branch name
fromstringNoBase branch (default: develop)
dryRunbooleanNoPreview without making changes (default: false)

fleet_git_commit

Stage tracked file changes and commit.

ParameterTypeRequiredDescription
appstringYesApp name
messagestringYesCommit message
dryRunbooleanNoPreview without making changes (default: false)

fleet_git_push

Push the current branch to origin.

ParameterTypeRequiredDescription
appstringYesApp name
dryRunbooleanNoPreview without making changes (default: false)

fleet_git_pr_create

Create a pull request on GitHub.

ParameterTypeRequiredDescription
appstringYesApp name
titlestringYesPR title
bodystringNoPR description
basestringNoTarget branch (default: develop)
dryRunbooleanNoPreview without making changes (default: false)

fleet_git_pr_list

List pull requests for an app.

ParameterTypeRequiredDescription
appstringYesApp name
stateenumNoopen, closed, or all (default: open)

fleet_git_release

Create a release PR from develop to main.

ParameterTypeRequiredDescription
appstringYesApp name
titlestringNoPR title (default: Release: <app>)
dryRunbooleanNoPreview without making changes (default: false)

Dependencies

fleet_deps_status

Dependency health summary from cache — outdated packages, CVEs, EOL warnings, Docker image updates.

No parameters.


fleet_deps_scan

Run a fresh dependency scan across all registered apps.

No parameters.


fleet_deps_app

Dependency findings for a specific app.

ParameterTypeRequiredDescription
appstringYesApp name

fleet_deps_fix

Create a PR with dependency updates for an app.

ParameterTypeRequiredDescription
appstringYesApp name
dryRunbooleanNoPreview changes without creating PR (default: true)

fleet_deps_ignore

Add an ignore rule for a dependency finding.

ParameterTypeRequiredDescription
packagestringYesPackage name to ignore
reasonstringYesWhy this is being ignored
appstringNoLimit to a specific app
untilstringNoAuto-expire date (YYYY-MM-DD)

fleet_deps_config (mutate)

Get or set dependency monitoring configuration.

ParameterTypeRequiredDescription
keystringNoConfig key to read or set
valuestringNoNew value (provide with key to set)

Audit

App Store compliance auditing via the greenlight binary. Requires greenlight to be installed (go install github.com/RevylAI/greenlight/cmd/greenlight@latest or set GREENLIGHT_BIN).

fleet_audit_run (mutate)

Run an App Store compliance audit on a mobile app project. Scans source code, the privacy manifest, and metadata for Apple App Store rejection risks. Returns the full report grouped by CRITICAL/WARN/INFO with a pass/fail summary.

ParameterTypeRequiredDescription
targetstringYesRegistered app name or path to a mobile project directory
ipaPathstringNoPath to a built .ipa for binary inspection

fleet_audit_status (read)

Show the most recent App Store audit results from cache without re-running a scan. Use as a cheap first pass before fleet_audit_run.

ParameterTypeRequiredDescription
targetstringNoApp name or path (omit for all cached audits)

fleet_audit_ignore (mutate)

Suppress a confirmed false-positive finding from future audits. Matched by exact title, optionally narrowed to a target and to findings whose file or code contains a substring.

ParameterTypeRequiredDescription
titlestringYesExact greenlight finding title to suppress
reasonstringYesWhy this finding is a false positive
targetstringNoLimit the rule to one audit target
containsstringNoOnly suppress findings whose file/code contains this substring

fleet_audit_guidelines (read)

Look up Apple App Store Review Guidelines via greenlight. Use to interpret a finding’s guideline reference or to guide a fix.

ParameterTypeRequiredDescription
actionenumYeslist — all sections; show — one section; search — keyword match
querystringNoSection number for show (e.g. 2.1) or keyword for search

TestFlight

Tools for listing TestFlight builds and checking publishing readiness via the App Store Connect API. Requires ASC_API_KEY_ID, ASC_API_KEY_ISSUER_ID, ASC_API_KEY_B64, and ASC_APP_ID in the app’s fleet secrets.

fleet_testflight_builds (read)

List an app’s TestFlight builds: build number, version, processing state, and expiry.

ParameterTypeRequiredDescription
appstringYesRegistered fleet app name

fleet_testflight_doctor (read)

Check TestFlight publishing readiness: gh CLI availability, GitHub repo, App Store Connect credentials, and ASC API reachability (when ASC_APP_ID is set).

ParameterTypeRequiredDescription
appstringYesRegistered fleet app name

Remote Runners

Register and manage remote build hosts that fleet targets over SSH for build tasks.

fleet_runner_register (mutate)

Register or update a remote build host. Stored in the runner registry (FLEET_RUNNERS_FILE, default ~/.local/share/fleet/runners.json).

ParameterTypeRequiredDescription
idstringYesHost ID — lowercase slug (e.g. mac-mini)
destinationstringYesSSH destination: user@host or an ssh_config alias
portnumberNoSSH port when not 22
identityFilestringNoPath to the private key fleet authenticates with
defaultCwdstringNoRemote working directory used when a task omits one

Every connection-bearing field is validated to prevent SSH option injection: destination must be a user@host, bare alias, or IPv6 literal and must not start with - (a literal -- is also placed before it on the ssh command line); identityFile and defaultCwd reject a leading - and control characters; port must be 1–65535. The same checks run again when the registry is loaded — an entry tampered with directly on disk is dropped (fail closed) rather than passed to ssh.


fleet_runner_list (read)

List registered remote build hosts.

No parameters.


fleet_runner_remove (mutate)

Remove a registered remote build host.

ParameterTypeRequiredDescription
idstringYesHost ID to remove

fleet_runner_status (read)

Doctor a registered remote build host over SSH: reachability plus a toolchain/disk preflight (OS, Node, Xcode, free disk). Reports whether a host can support iOS builds (requires full Xcode, not just command line tools).

ParameterTypeRequiredDescription
idstringYesHost ID to probe