SOLUTIONS · BY WHAT THEY TOUCH Payments Code & CI Data & databases Infrastructure Customer ops Org-wide rollout SOLUTIONS · BY AGENT TYPE Coding agents Customer-support agents Internal copilots Autonomous agents MCP DIRECTORY Tools Policies Risk Levels Token Cost MCP SECURITY AI Agent Security MCP Security Attack Database MCP Incidents Compliance LEARN Blog Research State of MCP Glossary Integrations Scan STACK CHECK DOCS PRICING GO LIVE

// MCP TOOL REFERENCE

MAKE TOOLS

202 tools from the Make MCP Server, categorised by risk level.

View the Make policy →

// ALL 202 MAKE TOOLS

READ 62 tools

Read run-list Lists workflow runs with optional filters. Returns structured list with run ID, status, conclusion, and wor... Read run-view Views a workflow run by ID. Returns structured data with status, conclusion, jobs (with steps), and workflo... Read ansible-inventory Queries Ansible inventory for hosts, groups, and variables. Returns structured JSON for --list or tree text... Read blame Shows commit annotations for a file, grouped by commit. Returns structured blame data with deduplicated com... Read bundle-check Verifies that the Gemfile Read compose-logs Retrieves Docker Compose service logs as structured entries. Read compose-ps Lists Docker Compose services with structured state and status information. Read count Counts pattern matches per file using ripgrep. Returns per-file match counts and totals. Read describe Describes a Kubernetes resource with detailed information. Read diff Returns file-level diff statistics as structured data. Use full=true for patch content. Read discover-tools List and load additional ${serverName} tools that aren Read discussion-list Lists GitHub Discussions for a repository via GraphQL. Returns structured list with discussion number, titl... Read env Returns Go environment variables as structured JSON. Optionally request specific variables. Read find Finds files and directories using fd with structured output. Returns file paths, names, and extensions. Read flake-show Shows the outputs of a Nix flake as a structured tree. Uses --json for machine-parseable output by default. Read format-check Checks if files are formatted and returns a structured list of files needing formatting. Read gem-list Lists installed Ruby gems with version information. Returns structured JSON with gem names and versions. Read gem-outdated Lists outdated Ruby gems showing current and latest available versions. Read gradle-dependencies Shows the Gradle dependency tree with structured output per configuration. Read gradle-tasks Lists available Gradle tasks with descriptions and groups. Uses Read head Makes an HTTP HEAD request via curl and returns structured response headers (no body). Use to check resourc... Read images Lists Docker images with structured repository, tag, size, and creation info. Read inspect Shows detailed container or image information with structured state, image, and platform data. Read label-list Lists repository labels. Returns structured data with label name, description, color, and default status. Read list Lists Go packages or modules and returns structured information. When Read list-package Runs dotnet list package and returns structured NuGet package listings per project and framework. Read log Returns commit history as structured data. Read log-graph Returns visual branch topology as structured data. Wraps Read logs Retrieves container logs as structured line arrays. Read maven-dependencies Shows the Maven dependency tree with structured output per artifact. Read mongosh-stats Gets MongoDB database statistics (collections, objects, data size, storage, indexes) via mongosh. Read mysql-list-databases Lists all MySQL databases with structured output. Read network-ls Lists Docker networks with structured driver and scope information. Read output Shows Terraform output values from the current state. Returns structured name/value/type/sensitive data. Read package-show-dependencies Shows the dependency tree of a Swift package and returns structured dependency data. Read pip-list Runs pip list and returns a structured list of installed packages. Read pip-show Runs pip show and returns structured package metadata (name, version, summary, dependencies). Read pr-checks Lists check/status results for a pull request. Returns structured data with check names, states, URLs, and ... Read pr-diff Returns file-level diff statistics for a pull request. Use full=true for patch/hunk content, or nameOnly=tr... Read pr-list Lists pull requests with optional filters. Returns structured list with PR number, state, title, author, br... Read pr-view Views a pull request by number, URL, or branch. Returns structured data with state, checks, review decision... Read ps Lists Docker containers with structured status, ports, and state information. Read psql-list-databases Lists all PostgreSQL databases via psql with owner, encoding, and size info. Read redis-info Gets Redis server info with structured sections (server, clients, memory, etc.). Read reflog Returns reference log entries as structured data, useful for recovery operations. Also supports checking if... Read release-list Lists GitHub releases for a repository. Returns structured list with tag, name, draft/prerelease/latest sta... Read repo-view Views repository details. Returns structured data with name, owner, description, stars, forks, languages, t... Read search Searches the npm registry for packages matching a query. Read secret-list Lists repository, organization, or environment secret names and metadata. Secret values are not exposed by ... Read show Shows commit details and diff statistics for a given ref. When Read ssh-keyscan Retrieves public host keys from a remote SSH server using Read stash-list Lists all stash entries with index, message, date, branch, and optional file change summary. Returns struct... Read state-list Lists all resources tracked in the Terraform state. Returns resource addresses. Read stats Returns a snapshot of container resource usage (CPU, memory, network/block I/O, PIDs) as structured data. Read status Returns the working tree status as structured data (branch, staged, modified, untracked, conflicts). Read tree Displays the dependency tree for a Rust project. Read validate Validates Terraform configuration files for syntax and consistency errors. Returns structured diagnostics. Read variable-list Lists repository, organization, or environment GitHub Actions variables with values and metadata. Read volume-ls Lists Docker volumes with structured driver, mountpoint, and scope information. Read issue-list Lists issues with optional filters. Returns structured list with issue number, state, title, labels, assign... Read issue-view Views an issue by number or URL. Returns structured data with state, labels, assignees, author, milestone, ... Read plan Shows the Terraform execution plan with resource change counts. Read-only — does not modify infrastructure.

WRITE 27 tools

Write remote Manages remote repositories. Supports list (default), add, remove, rename, set-url, prune, and show actions... Write package-init Initializes a new Swift package and returns structured result with created files. Write pr-ready Marks a pull request as ready for review (or converts it back to draft when undo=true). Returns structured ... Write pr-reopen Reopens a previously closed pull request, optionally with a comment. Returns structured data with PR number... Write pr-review Submits a review on a pull request (approve, request-changes, or comment). Returns structured data with the... Write archive Creates an archive of files from a git repository. Supports tar, tar.gz, and zip formats. Returns structure... Write biome-format Formats files with Biome (format --write) and returns a structured list of changed files. Write checkout Switches branches or restores files. Returns structured data with ref, previous ref, whether a new branch w... Write commit Creates a commit with the given message. Returns structured data with hash, message, and change statistics.... Write config Manages git configuration values. Supports get, set, list, and unset actions. Operates at local, global, sy... Write flake-update Updates flake lock file inputs and returns structured information about what was updated. Write gist-create Creates a new GitHub gist from one or more files. Returns structured data with gist ID, URL, visibility, fi... Write issue-close Closes an issue with an optional comment and reason. Returns structured data with issue number, state, URL,... Write issue-comment Adds, edits, or deletes a comment on an issue. Returns structured data with the comment URL, operation type... Write issue-create Creates a new issue. Returns structured data with issue number, URL, and labels applied. Write issue-update Updates issue metadata (title, body, labels, assignees, milestone, projects). Write label-create Creates a new repository label. Returns structured data with label name, description, color, and URL. Write pr-close Closes a pull request with an optional comment and optional branch deletion. Returns structured data with P... Write pr-comment Adds, edits, or deletes a comment on a pull request. Returns structured data with the comment URL, operatio... Write pr-create Creates a new pull request. Returns structured data with PR number and URL. Write pr-merge Merges a pull request by number, URL, or branch. Returns structured data with merge status, method, URL, an... Write pr-update Updates pull request metadata (title, body, labels, assignees, reviewers, milestone, base branch, projects)... Write prettier-format Formats files with Prettier (--write) and returns a structured list of changed files. Write release-create Creates a new GitHub release with optional asset uploads. Returns structured data with tag, URL, draft, pre... Write secret-set Sets a repository, organization, or environment GitHub Actions secret. Secret values are sent via stdin and... Write update Updates dependencies in the lock file. Optionally updates a single package. Write variable-set Sets a repository, organization, or environment GitHub Actions variable. Variables are not secret and may b...

DESTRUCTIVE 13 tools

Destructive clean Runs dotnet clean to remove build outputs and returns structured results. Destructive remove Runs Destructive reset Resets the current HEAD to a specified state. Supports soft, mixed, hard, merge, and keep modes. The Destructive secret-delete Deletes a repository, organization, or environment GitHub Actions secret. Destructive tag Manages git tags. Supports list (default), create, and delete actions. List returns structured tag data wit... Destructive vagrant Manages Vagrant VMs: status, global-status, up, halt, destroy. Destructive variable-delete Deletes a repository, organization, or environment GitHub Actions variable. Destructive workspace Manages Terraform workspaces: list, select, create, or delete workspaces. Destructive package-clean Cleans Swift package build artifacts and returns structured result. Destructive branch Lists, creates, renames, or deletes branches. Returns structured branch data. Pass Destructive compose-down Stops Docker Compose services and returns structured status. Destructive stash Pushes, pops, applies, drops, shows, or clears stash entries. Returns structured result with action, succes... Destructive worktree Lists, adds, removes, locks, unlocks, or prunes git worktrees for managing multiple working trees. Returns ...

EXECUTE 100 tools

Execute conda Runs conda commands (list, info, env-list, create, remove, update) and returns structured JSON output. Execute mod-tidy Runs go mod tidy to add missing and remove unused module dependencies. Execute bazel Bazel build system operations: build, test, query, info, run, clean, fetch. Execute build Runs a build command and returns structured success/failure with errors and warnings. Execute cmake CMake build system operations: configure, build, test, list-presets, install, clean. Execute compose-build Builds Docker Compose service images and returns structured per-service build status. Execute exec Executes arbitrary commands inside a running Docker container and returns structured output. WARNING: may e... Execute gradle-build Runs Execute lerna Runs Lerna monorepo commands (list, run, changed, version) and returns structured package information. Execute maven-build Runs Execute rsync Syncs files between local and remote locations using rsync. WARNING: Defaults to dry-run mode for safety — ... Execute run Runs a script or file with Execute run-rerun Re-runs a workflow run by ID. Optionally re-runs only failed jobs or a specific job. Returns structured res... Execute ssh-run Executes a command on a remote host via SSH. WARNING: This runs commands on a remote machine. Ensure the ho... Execute uv-run Runs a command in a uv-managed environment and returns structured output. Execute vite-build Runs Vite production build and returns structured output files with sizes. Execute webpack Runs webpack build with JSON stats output and returns structured assets, errors, and warnings. Execute ansible-galaxy Installs or lists Ansible collections and roles from Galaxy or a requirements file. Execute ansible-playbook Runs an Ansible playbook and returns structured play recap with per-host results. Execute api Makes arbitrary GitHub API calls via Execute audit Runs cargo audit and returns structured vulnerability data. Execute biome-check Runs Biome check (lint + format) and returns structured diagnostics (file, line, rule, severity, message). Execute bisect Binary search for the commit that introduced a bug. Returns structured data with action taken, current comm... Execute black Runs Black code formatter and returns structured results (files changed, unchanged, would reformat). Execute bundle-exec Executes a command in the context of the Gemfile bundle using Execute check Runs cargo check (type check without full build) and returns structured diagnostics. Faster than build for ... Execute cherry-pick Applies specific commits to the current branch. Returns structured data with applied commits, any conflicts... Execute clippy Runs cargo clippy and returns structured lint diagnostics. Execute compose-up Starts Docker Compose services and returns structured status. Execute coverage Runs tests with coverage and returns structured coverage summary per file. Execute develop Enters or queries a Nix dev shell. When a command is provided, runs it inside the dev shell and returns the... Execute doc Generates Rust documentation and returns structured output with warning count. Execute esbuild Runs the esbuild bundler and returns structured errors, warnings, and output files. Execute flake-check Checks a Nix flake for errors and returns structured check results, warnings, and errors. Execute fmt Checks or fixes Rust formatting and returns structured output. Execute get Downloads and installs Go packages and their dependencies. Execute gitleaks Runs Gitleaks to detect hardcoded secrets in git repositories. Returns structured finding data with redacte... Execute golangci-lint Runs golangci-lint and returns structured lint diagnostics (file, line, linter, severity, message). Execute gradle-test Runs Execute hadolint Runs Hadolint (Dockerfile linter) and returns structured diagnostics (file, line, rule, severity, message). Execute info Runs Execute init Initializes a Terraform working directory. Downloads providers, configures backend, and prepares for plan/a... Execute jq Processes and transforms JSON using jq expressions. Accepts JSON from a file path or inline string. Returns... Execute lint Runs Execute maven-test Runs Execute maven-verify Runs Execute mongosh-eval Evaluates a MongoDB expression via mongosh and returns the output. Execute mypy Runs mypy and returns structured type-check diagnostics (file, line, severity, message, code). Execute mysql-query Executes a MySQL query and returns structured tabular output. Execute nvm Manages Node.js versions via nvm. Execute nx Runs Nx workspace commands and returns structured per-project task results with cache status. Execute outdated Runs Execute oxlint Runs Oxlint and returns structured diagnostics (file, line, column, rule, severity, message). Execute pip-audit Runs pip-audit and returns a structured vulnerability report. Execute playwright Runs Playwright tests with JSON reporter and returns structured results with pass/fail status, duration, an... Execute pm-ls Runs Execute poetry Runs Poetry commands and returns structured output. Execute psql-query Executes a PostgreSQL query via psql and returns structured tabular output. Execute pull Pulls a Docker image from a registry and returns structured result with digest info. Execute pyenv Manages Python versions via pyenv. Execute pytest Runs pytest and returns structured test results (passed, failed, errors, skipped, failures). Execute rebase Rebases the current branch onto a target branch. Supports abort, continue, skip, and quit for conflict reso... Execute redis-command Executes a Redis command via redis-cli and returns the response. Execute redis-ping Tests Redis connectivity by sending a PING command. Execute reload Rebuilds the MCP server (or a specified project) and sends a Execute repo-clone Clones a GitHub repository. Returns structured data with success status, repo name, target directory, and m... Execute request Makes an HTTP request via curl and returns structured response data (status, headers, body, timing). Execute rollup Runs Rollup bundler and returns structured bundle output with errors and warnings. Execute ruff-check Runs ruff check and returns structured lint diagnostics (file, line, code, message). Execute ruff-format Runs ruff format and returns structured results (files changed, file list). Execute semgrep Runs Semgrep static analysis with structured rules and findings. Returns structured finding data with sever... Execute shell Makes packages available in the environment and optionally runs a command. Returns stdout, stderr, exit cod... Execute shellcheck Runs ShellCheck (shell script linter) and returns structured diagnostics (file, line, column, rule, severit... Execute ssh-test Tests SSH connectivity to a remote host using Execute stylelint Runs Stylelint and returns structured diagnostics (file, line, column, rule, severity, message). Execute task Runs a named task from deno.json via Execute test Runs Execute trivy Runs Trivy vulnerability/misconfiguration scanner on container images, filesystems, or IaC configs. Returns... Execute tsc Runs the TypeScript compiler and returns structured diagnostics (file, line, column, code, message). Execute turbo Runs Turborepo tasks and returns structured per-package results with cache hit/miss info. Execute vet Runs go vet and returns structured static analysis diagnostics with analyzer names. Uses -json flag for nat... Execute yq Processes and transforms YAML, JSON, XML, TOML, and properties files using yq expressions. Accepts input fr... Execute add Runs Execute add-package Runs dotnet add package to add a NuGet package and returns structured results. WARNING: may execute untrust... Execute apply Applies a Kubernetes manifest file. Execute bundle-install Installs Gemfile dependencies using Execute gem-install Installs a Ruby gem using Execute generate Runs go generate directives in Go source files. WARNING: may execute untrusted code. Execute helm Manages Helm releases (install, upgrade, list, status, history, template). Returns structured JSON output. Execute install Runs Execute merge Merges a branch into the current branch. Supports abort, continue, and quit actions. Returns structured dat... Execute package-resolve Resolves Swift package dependencies and returns structured resolution results. Execute package-update Updates Swift package dependencies and returns structured update results. Execute pip-install Runs pip install and returns a structured summary of installed packages. WARNING: may execute untrusted code. Execute post Makes an HTTP POST request via curl and returns structured response data. Convenience wrapper for the reque... Execute publish Runs dotnet publish for deployment and returns structured output with output path and diagnostics. Execute push Pushes commits to a remote repository. Returns structured data with success status, remote, branch, summary... Execute restore Runs dotnet restore to restore NuGet dependencies and returns structured results. Execute submodule Manages git submodules. Supports list (default), add, update, sync, and deinit actions. List returns struct... Execute uv-install Runs uv pip install and returns a structured summary of installed packages. WARNING: may execute untrusted ...

// FAQ

How many tools does the Make MCP server have? +

The Make MCP server exposes 202 tools across 4 categories: Read, Write, Destructive, Execute.

How do I enforce policies on Make tools? +

Route the Make server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard; they are enforced on every call before it reaches the server.

What risk categories do Make tools fall into? +

Make tools are categorised as Read (62), Write (27), Destructive (13), Execute (100). Each category has a recommended default policy.

Enforce policy on every Make tool call.

Start from Make, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.